Forum Discussion
Lucas_Kaczmars1
May 20, 2019Altostratus
irule - stop processing on condition match
Hello, I searched for this answer and I've found that using 'event disable all' should exit processing the irule below, but it still goes to the second 'if' statements and evaluates it. Can someon...
- May 20, 2019
You could rewrite the iRule using nested 'if' statements so you don't need a return, that way, you only check the host header once
when HTTP_REQUEST { if {[string tolower [HTTP::host]] eq "test.website.com"} { if {[string tolower [HTTP::path]] starts_with "/authentication"} { log local0. "Accepted request test.website.com/authentication [HTTP::uri] for client [IP::client_addr]" } else { log local0. "Rejected request test.website.com [HTTP::uri] for client [IP::client_addr]" reject } } }
Lucas_Kaczmars1
May 20, 2019Altostratus
Hi Lee,
Thanks for your reply. My goal is to allow everyone asking for test.website.com/authentication and deny everybody else asking for test.website.com. Is this the way to do it using 'return'? I want to be able to log requests for test.website.com/authentication so can I still keep the first 'if' statement?
when HTTP_REQUEST {
if { (([string tolower [HTTP::host]] eq "test.website.com") and ([string tolower [HTTP::path]] starts_with "/authentication")) } {
log local0. "Accepted request test.website.com/authentication [HTTP::uri] for client [IP::client_addr]"
return
}
if { (([string tolower [HTTP::host]] eq "test.website.com")) }
{
log local0. "Rejected request test.website.com [HTTP::uri] for client [IP::client_addr]"
reject
}
}
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects