Forum Discussion
shakalakka
Altostratus
AltostratusiRule and multiple switch-statements
So we need to filter based on both URIs and host-headers AND the source-IPs. I have tried using two switch-statements, with the same action for both if the client-IP-range matches - the first one wor...
CA_Valli
MVP
MVPHello shakalakka,
I've noticed that you didn't include default condition in your switch blocks, so I'm assuming second block might never be evaluated since code likely breaks at first evaluation.
I'm pretty sure that if you try to swap the two blocks and put HOST check first, it will start working and it will break URI check.
Can you try this ?
when HTTP_REQUEST {
set RESPONSE "<html><title>404 - NOT FOUND</title><body>404 - not found</body></html>"
switch -glob [string tolower [HTTP::uri]] {
"/someuri" -
"/someuri/*" {
if { [matchclass [IP::client_addr] equals dg_blockthesehosts ] } {
HTTP::respond 404 -version auto content $RESPONSE noserver "Content-Type" "text/html;charset=utf-8"
TCP::close
event disable
return
}
} default {}
}
switch -glob [string tolower [HTTP::host]] {
"Host1.host.com" -
"Host2.host.com" {
if { [matchclass [IP::client_addr] equals dg_blockthesehosts ] } {
HTTP::respond 404 -version auto content $RESPONSE noserver "Content-Type" "text/html;charset=utf-8"
TCP::close
event disable
return
}
}
}
}