Forum Discussion
JCMATTOS_41723
Nimbostratus
NimbostratusHTTPS IP redirect?
We are using 9.4.7 and trying to create an irule that passess certain IP's thru w/o a redirect and redirects everyone else. I like to use one using a class/datagroup for easier IP entry, but I can't seem to get it to work properly. Any ideas?
when HTTP_REQUEST {
switch [matches[IP::client_addr] eq $::NETgroup] {
forward
}
{HTTP::redirect "https://[HTTP::host][HTTP::uri]"}
}
7 Replies
- The_BhattmanHi JC,
Try thiswhen HTTP_REQUEST { if { [matchclass [IP::client_addr] equals $::myIPs] } { forward } else { HTTP::redirect "https://[HTTP::host][HTTP::uri]" } }
I hope this helps
Bhattman 
JCMATTOS_41723Strange...I pasted it in and matched up the datgroup names. Now if your part of the IP class you get an error, but everyone else gets redirected as expected.- The_BhattmanHere is some changes
when HTTP_REQUEST { if { [matchclass [IP::client_addr] equals $::NETgroup] } { forward } else { HTTP::redirect "https://[HTTP::host][HTTP::uri]" } }
Bhattman - JCMATTOS_41723Strange...I changed the forward to an actual pool and it works? I do have a pool configured as the default. Why wouldn't forward work?
- The_BhattmanHi JC
forward command bypasses load balancing altogether. The error was because it needed a pool based on how you configured your VS.
Bhattman - JCMATTOS_41723I just saw that article. Is there a way to use the default pool without having to add it statically?
- The_BhattmanHi JC,
Sure if you add the default pool in the VS resource tab. Then your irule can be rewritten aswhen HTTP_REQUEST { if { ![matchclass [IP::client_addr] equals $::NETgroup] } { HTTP::redirect "https://[HTTP::host][HTTP::uri]" } }
Basically if it doesn't match anything is $::NETgroup then redirect. If does match then ignore the redirect and continue to the default pool
I hope this helps
Bhattman
