Forum Discussion
NimbostratusForward HTTP Proxy iRule - Multi DNS and adding URI Whitelist
Am using v3.2 iRule and works great for me. Two things I'd like to do... 1. I need to add a second DNS server (round robin is fine, though would prefer priority group failover).
2. Use case is for access to 2 or 3 Domains only. Am I best setting up a 2nd iRule just for this (with simple HTTP Request URI verification, referencing a data class group)? Or can I add this in easily to existing v3.2 irule somewhere?
Any help appreciated.
2 Replies
- Kevin_Stewart
Employee
- I need to add a second DNS server (round robin is fine, though would prefer priority group failover).
the RESOLV::lookup command makes provisions for either a single DNS server IP or a virtual server name. So in this case, I'd create a port 53 internal VIP that load balances your DNS servers, and then specify that VIP name static::dns.
- Use case is for access to 2 or 3 Domains only. Am I best setting up a 2nd iRule just for this (with simple HTTP Request URI verification, referencing a data class group)? Or can I add this in easily to existing v3.2 irule somewhere?
What do you want to do if the domain does not match? You could perhaps very simply add an if { [HTTP::host] equals... clause at the top of the HTTP_REQUEST.
ZdendaCirrus
Hi, I have updated this great iRule "HTTP Forward Proxy - v3.2" and managed to allow only specified internet hosts. But I am not sure how to efficiently allow also all related subsites/subpages (where can be stored images etc.) I was thinking about usage of some local variable, but I need something what is reachable outside of HTTP_REQUEST event, so I was thinking about cookie, but it also might be bad idea.
Has anyone any idea how to automatically whitelist all subsites when primary site is already whitelisted?
Thanks, Zdenek
