For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

tnastars_92934's avatar
tnastars_92934
Icon for Nimbostratus rankNimbostratus
Feb 02, 2010

Help With IRule to limit access via an address data group

Hello,     I have created the below iRule. I am trying to limit access to a URL based on a specific URI, but allow all traffic to any other URI going to the virtual server. My main questio...
application delivery
dev
devops
iRules
tnastars_92934's avatar
tnastars_92934
Icon for Nimbostratus rankNimbostratus
Feb 02, 2010
Hoolio,

 

 

Thank You for the fast response. Can I just clarify what you are trying to say? I can leave a default pool on the Virtual server as well as the iRule? If I understand that correctly I am assuming that the F5 looks at the iRule first and the criteria is not met than it sends it to the default Pool. If the iRule criteria is met then the iRule would send back the 403 - Forbidden? Also, I looked at the post you pointed me too. Is that saying that I should use http::path instead of the http::uri command? Is this what you are suggesting:

 

 

 

when HTTP_REQUEST {

 

if { [HTTP::path] starts_with "/PAPayments/"} {

 

 

if { not [matchclass [IP::client_addr] equals $::good_IP} {

 

 

HTTP::respond 403 content "403 - Forbidden" }

 

 

}

 

}