Forum Discussion
Steve_Gillis_83
Nimbostratus
NimbostratusDoing an HTTP to HTTPS redirect and need to exclude an address or range
I am using the following irule to redirect users to 443 from 80 and need to exclude either a specific address, or a range of addresses.
Can someone please give me a sample of how to incorporate this into my script?
Thanks - Steve G.
iRule to redirect HTTP to HTTPS
===============================
when HTTP_REQUEST {
HTTP::redirect https://[HTTP::host][HTTP::uri]
}
5 Replies
William_Wash_98You should be able to use the IP::client_addr command to return the IP address of the client, and then determine if it needs to be redirected.
Hugs and Kisses,
Bill Wash
iRule to redirect HTTP to HTTPS except for a specific IP address
===============================
when HTTP_REQUEST {
if {IP::client_addr not equals x.x.x.x}
{HTTP::redirect https://[HTTP::host][HTTP::uri]}
}
Steve_Gillis_83Unfortunately, that syntax is not accurate. Can you reply back with it as it would be coded?
Can any one else shed some light?- Hi Steve --
Are you using BIG-IP 4.x or LTM v9.x?
(The rule you posted is a v9 rule, but this is the v4 forum.) - Steve_Gillis_83BIG-IP 9.4.0 Build 517.5
So, I guess BigIP 9.x. Sorry, little confused. Thought the BigIP was running 9.x and the iRules were 4.x
Given that, can you possibly offer some advice how to accomplish this? - sure, no problem.
The iRules version is the same as the product version. Some 4.x commands are supported by v9 for backward compatibility, but most have been replaced with newer versions.
I think a simple rule referencing a class (data group list) listing hosts & subnets would work best. First create a class of type Address that includes the hosts & subnets, then create a v9 iRule like this referencing the class (class should be named "HTTPAllowedHosts", otherwise adjust the calss name in the code):when HTTP_REQUEST { if {!([matchclass [IP::client_addr] equals $::HTTPAllowedHosts])}{ HTTP::redirect https://[HTTP::host][HTTP::uri] } }
/deb
