Difficulty question

Question

I need to provide a way to control access from specific source networks through a virt to destination nodes in a pool and allow only specific ports to those nodes. Due to the way this particular application works there will be database servers required on the same subnet that support this application.  The database servers are not allowed to be contacted by any system other then the application servers.  Essentially I'm trying to build and "ACL" for specific host ips and ports that permits access to the app servers, but denies all other access to the database server.  I was told the best way to do this is via iRules.  How difficult is this to accompliah considering I'm a new guy to iRules? 
&nbsp;  
&nbsp;  
&nbsp; Thanks for the input!

hoolio · Answer

There is a Codeshare example which implements similar ACL type functionality as what you've described: 
&nbsp;  
&nbsp; Access Control Based On Network Or Host (Click here) 
&nbsp;  
&nbsp; You could try modifying that rule to suit your requirements. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

Difficulty question

1 Reply

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 Software Downgrade from version 17.x.x to 15.x.x

Error diskmonitor

CPU utilization of F5OS on r2600

sslprovide (--f5 ssl) does not generate CLIENT/SERVER_TRAFFIC_SECRET on server-side TLS traffic

Hardware replacement i2800 to r2600

Related Content

UCS Encryption Question

Site Launch Frequently Asked Questions

F5 Connection Mirroring question

Health monitor question

irule logging question

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS