Forum Discussion
Help with IRule
I am having issues with my iRule.
Running code BIG-IP 10.2.1 Build 297.0 Final
iRule
---------------------------
when HTTP_REQUEST {
if { not ([matchclass [IP::client_addr] equals $::SS_CMS_Nets]) and ([matchclass [string tolower [HTTP::uri]] contains $::SS_CMS_URLs]) } {
HTTP::redirect "http://siteroot.com"
}
}
DataGroups
--------------------------
SS_CMS_NETS
192.168.100.0/24
SS_CMS_URLS
/cms-admin
What I am trying to achieve is to only allow requests to http://siteroot.com/cms-admin/ to be served to clients coming from the 192.168.100.0/24 subnet. All other clients need to be redirected back to http://siteroot.com/
So far all that happens is all clients irrespective of IP address get directed back to http://siteroot.com
Can someone please help figure out what I am doing wrong here?
- Michael_YatesNimbostratusHi esexon,
when HTTP_REQUEST { if { [string tolower [HTTP::uri]] contains "/cms-admin" } { If URI matches verify that the Client has access if { !([class match [IP::client_addr] equals AllowedNetworkList ]) } { If they do NOT have access, do this: HTTP::redirect "http://www.google.com" } } } when HTTP_REQUEST { if { [string tolower [HTTP::uri]] contains "/cms-admin" } { If URI matches verify that the Client has access if { [class match [IP::client_addr] equals BlockNetworkList] } { If they DO have access, do this: HTTP::redirect "http://www.google.com" } } }
- Michael_YatesNimbostratusOh,
- esexon_27963NimbostratusHi, makes sense but for some reason it still doesn't work.
- esexon_27963NimbostratusThis is the rule I have in place.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com