Forum Discussion

networksecurity2022's avatar
Apr 01, 2022

i rule

please help me to create Irule below requirement.

If <sourec ip1 >or <source ip2> IPs are the sourceAddress and Host header is either <x.x.x.x>or <Y.Y.Y.Y> then you have to allow the communication. Other than <sourec ip1 > and <source ip2> IPs, rest of the IPs will be blocked if they are having IP in the host header.

  • Hello networksecurity2022.

    Try this

    when HTTP_REQUEST {
      if { ([IP::client_addr] eq "<sourec ip1>") || ([IP::client_addr] eq "<sourec ip2>") } {
        if { !(([HTTP::host] eq "<x.x.x.x>") || ([HTTP::host] eq "<y.y.y.y>")) } {
          reject
        }
      }
    }

     

  • Above rule not working,  request must allow. only reject Other than source ips, rest of the IPs will be blocked if they are having IP in the host header. 
    • Dario_Garrido's avatar
      Dario_Garrido
      Icon for MVP rankMVP

      Hello.

      Check this one. 

      Rejects everything to those IPs (<x.x.x.x> or <y.y.y.y>) in the host header, except if the source is one of those IPs (<source ip1> or <source ip2>)

      when HTTP_REQUEST {
        if { ([HTTP::host] eq "<x.x.x.x>") || ([HTTP::host] eq "<y.y.y.y>") } {
          if { !(([IP::client_addr] eq "<sourec ip1>") || ([IP::client_addr] eq "<sourec ip2>")) } {
            reject
          }
        }
      }