Forum Discussion
iRule and Datagroup with multiple conditions
Hello,
I am trying to create an iRule to drop traffic without using ASM, only LTM. I have four sets of conditions, two of then kind of nested, to execute the drop. "Basically" i have Datagroup ONE with allowed Specific URIs, Datagroup TWO with Specific disallowed URI, Datagroup THREE with Wildcard for Allowed URIs and Datagroup Four for Wildcard Disallowed (and yes, there are specific entries that match the opposite wildcards)
First Set of Conditions: Check an URI within a Datagroup ONE and within Datagroup TWO. If it is included in Datagroup TWO but NOT in Datagroup ONE continue with the second set of conditions
Second Set of condition: Check the same URI within DataGroup FOUR. (Datagroup 3 is not going to be used since the default action is allow) If it is included in Datagroup FOUR
Execute an action (Drop.
I was reading and it is possible to negate a Datagroup at the beginning of the sentence
`text`when HTTP_REQUEST
{
if { [class match [HTTP::uri] equals TWO] || [class match [HTTP::uri] starts_with FOUR] }
{ if { not [class match [HTTP::uri] equals ONE] ] }
Drop
}
At this point i am not going to use the wildcard for allowed, Datagroup THREE, since the default option will be allowed. It may be something easy but i am unable to get it...
- Stanislas_Piro2Cumulonimbus
Hi,
the better solution is not to create 4 data groups but only 2 containing action in value.
-
specific_uri with values:
- /uri1 := allow
- /uri2 := deny
- /uri3 := allow
-
wildcard_uri with values:
- /uri4/ := allow
- /uri5/ := deny
- /uri6/ := allow
then use this irule:
when HTTP_REQUEST { if {[set policy_status [class match -value [HTTP::uri] equals specific_uri]] equals ""} { set policy_status [class match -value [HTTP::uri] starts_with wildcard_uri] } switch $policy_status { "allow" { do nothing } "deny" { HTTP::respond 200 content {Request denied} } default { what is the default value } } }
-
specific_uri with values:
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com