Forum Discussion

Nimbostratus

Jun 05, 2017

irule allowing access from multiple subnets

Hi group, I'm using the below irule to block access to a file called "sales_new" for everyone except if you're coming from the 10.0.0.0/8. This irule is working perfectly. But now I need to ad...

irules

security

dragonflymr

Cirrostratus

Jun 05, 2017

Hi,

Just change it to, probably not the best code around but should work:

when HTTP_REQUEST {
    log local0. "Client IP: [IP::client_addr]"
    log local0. "URI: [HTTP::uri]"
    if { ([HTTP::uri] contains "/Sales_New" ) and not ( [IP::addr "10.0.0.0 mask 255.0.0.0" equals [IP::client_addr]] or [IP::addr "172.16.0.0 mask 255.240.0.0" equals [IP::client_addr]]) } {
    log local0. "dropped"
    reject
    } 
}

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

irule allowing access from multiple subnets

Jeff - May 2026 Featured F5er

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

Recent Discussions

certitcate error

Layered ASM for APM login page protection

migrate from serie I to R. Cluster LTM-GTM

APM URL encoding Hardening?

Trial License for F5 virtual edition in eve-ng

Related Content

Using n8n To Orchestrate Multiple Agents

Using Client Subnet in DNS Requests

Implementing Client Subnet DNS Requests

Implementing Client Subnet in DNS Requests

Double Trouble: Multiple Controllers Handling the Same Kubernetes LoadBalancer Service

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS