Forum Discussion
HELITG_35878
Nimbostratus
NimbostratusHelp with blocking referers
We're migrating from a version 4 appliance to version 9. We maintain various sites behind our loadbalancers. We want to use block refers linking to our content.
I have a defined a classed based on the sites
class live_sites {
"www.site.com"
"www.site.co.uk"
"www.site.de"
"www.site.eu"
"www.site.fr"
}
Our 4.5 the rule worked.
The version 4.5.x rule we are trying to replicate is as follows:
rule live-sites {
if (http_host == one of live_sites) {
use pool live_pool
}
else {
discard
}
}
I'm having problems trying to achieve the same results in version 9.
when HTTP_REQUEST {
if { [matchclass http::host equals $::live_sites] } {
pool live_pool
}
else {
discard
}
}
Can anyone offer any assistance?
Thanks in advance.
hoolioCirrostratus
If you want to validate that all requests have a host header value equal to the entries in your datagroup, the rule and datagroup you have listed should work. Just wrap the HTTP::host with square braces: [HTTP::host]. If you want to verify that the host header value value in the request contains one of the datagroup entries, you could change the "equals" to "contains".
Lastly, if you want to verify that the HTTP Referer header contains a valid host, you could replace [HTTP::host] with [HTTP::header value Referer].
Aaron
HELITG_35878Thanks Aaron,
When I use the square braces I get the following error. FYI, I'm running 9.4.3
01070151:3: Rule [ir_live] error: line 2: [undefined procedure: http::host] [http::host]
iRule listed below
when HTTP_REQUEST {
if { [matchclass [http::host] contains $::live_sites] } {
pool live_pool
} else {
discard
}
}- hoolioHTTP::host is case sensitive. Can you replace http::host with HTTP::host, and retest?
Aaron - HELITG_35878Thanks Aaron!
Spot on.