Forum Discussion

Fred_01's avatar
Fred_01
Icon for Nimbostratus rankNimbostratus
Mar 15, 2017

filter acces with ip public on the url

Hello

 

I have a lot of Virtual Server configured on my F5 and I want to block acces on the website if the url contains the IP public.

 

as I have a lot of VS, I don't want a specific Irule on each VS, I would like a generic Irule who check the format of the host field and if it's a Ip adress it will block it.

 

do you know if a irule like that exists?

 

if not, do you know how check if the host field has IP address format

 

thank you

 

application delivery
iRules
LTM
security

3 Replies

  • KeesvandenBos's avatar
    KeesvandenBos
    Icon for MVP rankMVP
    Mar 15, 2017

    Hi,

    Here is a simple irule:

    when HTTP_REQUEST {
    if { [HTTP::host] == "1.1.1.1" }{
        HTTP::redirect "http://www.website.com[HTTP::uri]"
    }
}

    If you want to create only one irule you need to create a data group with mappings between ip address and hostname of the vip.

    Cheers,

    Kees

  • Fred_01's avatar
    Fred_01
    Icon for Nimbostratus rankNimbostratus
    Mar 15, 2017

    I make this irules and it's works

    when HTTP_REQUEST { 
if {[regexp {^(?:(\d{1,2})|(1\d{2})|(2[0-4]\d)|(25[0-5]))(?:\.((\d{1,2})|(1\d{2})|(2[0-4]\d)|(25[0-5]))){3}$} [HTTP::host] match]} {
    clientside {
        HTTP::respond 403 -version "1.1" content "Request RejectedYou are not authorized to access this page" noserver Connection Close
    }
}

    }

  • Amine_Kadimi's avatar
    Amine_Kadimi
    Icon for MVP rankMVP
    Mar 15, 2017

    An alternative to regex, if all your hostnames share a common string (eg com):

    when HTTP_REQUEST { 
 if { not [string tolower [HTTP::host]] contains "com" } {
    clientside {
        HTTP::respond 403 -version "1.1" content "Request RejectedYou are not authorized to access this page" noserver Connection Close
    }
}

    I didn't test but you got the idea.