F5 irule set restrictaccess 0 & 1 command.

In your example, the variable named restrictaccess is being used as a Boolean switch to determine whether a client should be restricted from accessing what looks like an application API. The restrictaccess switch is set to true (1) by default, meaning the client should not have access to the API. This happens during the CLIENT_ACCEPTED event, which occurs upon successful completion of the three-way handshake between the client and the virtual server on the BIG-IP system. Then the client's IP address is compared to the values in a datagroup. If a match is found, restrictaccess is set to false (0), meaning the client is allowed to access the API.

The restrictaccess switch is then checked during the HTTP_REQUEST event, which occurs every time the client sends an HTTP request across the existing connection. If restrictaccess is true (1) and if the request is for the API, the client is blocked from access via the custom HTTP response content. If restrictaccess is false (0), the client is allowed access to the API (or whatever element it was they requested).