Forum Discussion

Nimbostratus

Apr 01, 2011

data group not matching

I'm writing an irule to deny logins from external users. I've tried to define a datagroup that contains allowed subnets, but have not been able to get it to match to an incoming address. See below. ...

Cirrostratus

Apr 01, 2011

That looks good. One small correction: you're missing the square braces around HTTP::path:

switch -glob [string tolower [HTTP::path]] {

Also be aware that it's really simple to bypass URI based checks like that on IIS:

http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/50/aft/30900/showtab/groupforums/Default.aspx31324

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

data group not matching

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

syslog over tcp and define management IP as source

Managing iRules configuration

Recommendation for Adv. Lab

Unable to Forward APM and AFM Logs to AWS CloudWatch Using Telemetry Streaming

How to configure ssh access by key on F5OS

Related Content

Intermediate iRules: Data-Groups

v11: iRules Data Group Updates

Class match with starts_with - Data group matching order

External Data Group Import Failing.

iRules Data Group Formatting Rules

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS