For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Ert_27713's avatar
Ert_27713
Icon for Nimbostratus rankNimbostratus
Jan 21, 2008

Irule ACL based on URI

Can someone help me with creating a rule that can filter URI access based on IP address.     Something like     userIP1 can access /userDIR1   userIP2 can access /userDIR2   userIP...
application delivery
dev
devops
iRules
Colin_Walker_12's avatar
Colin_Walker_12
Historic F5 Account
Jan 21, 2008
So what hoolio's saying is, try something like:


when HTTP_REQUEST {
  if {[matchclass [IP::remote_addr] equals $::userIP1] and [HTTP::uri] equals /userDIR1} {
    log local0.info "Allowed client to userIP1: [IP::remote_addr] requesting: [HTTP::uri]"
  } elseif {[matchclass [IP::remote_addr] equals $::userIP2] and [HTTP::uri] equals /userIP2} {
    log local0.info "Allowed client to userIP2: [IP::remote_addr] requesting: [HTTP::uri]"
  } elseif {[matchclass [IP::remote_addr] equals $::userIP3] and [HTTP::uri] equals /userIP3} {
    log local0.info "Allowed client to userIP3: [IP::remote_addr] requesting: [HTTP::uri]"
  } else {
    drop
    log local0. "Dropped client [IP::remote_addr] requesting: [HTTP::uri]"
  }
}

This is what it looked like you were trying to get to. Let us know if you've got further questions.

Colin