Forum Discussion

networksecurity2022

Nimbostratus

Apr 01, 2022

i rule

please help me to create Irule below requirement. If <sourec ip1 >or <source ip2> IPs are the sourceAddress and Host header is either <x.x.x.x>or <Y.Y.Y.Y> then you have to allow the communication. ...

security

networksecurity2022

Nimbostratus

Above rule not working, request must allow. only reject Other than source ips, rest of the IPs will be blocked if they are having IP in the host header.

Dario_Garrido

MVP

Apr 01, 2022

Hello.

Check this one.

Rejects everything to those IPs (<x.x.x.x> or <y.y.y.y>) in the host header, except if the source is one of those IPs (<source ip1> or <source ip2>)

when HTTP_REQUEST {
  if { ([HTTP::host] eq "<x.x.x.x>") || ([HTTP::host] eq "<y.y.y.y>") } {
    if { !(([IP::client_addr] eq "<sourec ip1>") || ([IP::client_addr] eq "<sourec ip2>")) } {
      reject
    }
  }
}

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

i rule

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

F5 Distributed Cloud Origin Server Subset Rules

F5 NGINX HTTP Request Header Rules: What’s Permitted and What’s Not

LTM Cipher rule

F5 Distributed Cloud Network Firewall Rule Evaluation and Packet Flow

AFM Protocol Inspection rules for CVE-2022-3602 (aka SpookySSL)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS