F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Jace_45978's avatar
Jace_45978
Icon for Nimbostratus rankNimbostratus
Aug 12, 2011

F5 iRule to reject/allow outbound access based on URI, DNS

because we have a FW that allows access outbound based on IP only, wondering if there is a way in the F5 to allow outbound access or reject access based on URI or DNS lookups.   example:   webse...
application delivery
dev
devops
iRules
Colin_Walker_12's avatar
Colin_Walker_12
Historic F5 Account
Aug 12, 2011
Yes, you can certainly do this as long as your webservers are routing through the BIG-IP. This would just require a simple iRule on whatever internal VIP the servers are routing through to inspect the HTTP request and deny based on host.

Something like: 


when HTTP_REQUEST {
  if {[HTTP::host] ne "www.yahoo.com" } {
    reject
  }
}

Obviously that's very simple, but that's the basic idea.

Colin