iRule and Datagroup with multiple conditions
Hello,
I am trying to create an iRule to drop traffic without using ASM, only LTM. I have four sets of conditions, two of then kind of nested, to execute the drop. "Basically" i have Datagroup ONE with allowed Specific URIs, Datagroup TWO with Specific disallowed URI, Datagroup THREE with Wildcard for Allowed URIs and Datagroup Four for Wildcard Disallowed (and yes, there are specific entries that match the opposite wildcards)
First Set of Conditions: Check an URI within a Datagroup ONE and within Datagroup TWO. If it is included in Datagroup TWO but NOT in Datagroup ONE continue with the second set of conditions
Second Set of condition: Check the same URI within DataGroup FOUR. (Datagroup 3 is not going to be used since the default action is allow) If it is included in Datagroup FOUR
Execute an action (Drop.
I was reading and it is possible to negate a Datagroup at the beginning of the sentence
`text`when HTTP_REQUEST
{
if { [class match [HTTP::uri] equals TWO] || [class match [HTTP::uri] starts_with FOUR] }
{ if { not [class match [HTTP::uri] equals ONE] ] }
Drop
}
At this point i am not going to use the wildcard for allowed, Datagroup THREE, since the default option will be allowed. It may be something easy but i am unable to get it...