Forum Discussion
Dave_22402
Nimbostratus
Nimbostratusirule based on ip and url
I am trying to construct an Irule that first checks for a url and then allows access based on IP.
Example -
if the url is "/foo/*" and IP = 123.123.123.123
then go to this pool, if not go to bad pool and deny access or drop.
13 Replies
- JRahm
Admin
If the URI check doesn't match, then the IP won't be checked for the request as the two checks are being AND'd.
Exactly. And because it doesn't match, I'm discarding it, and the IP is irrelevant anyway. Only if it does match do I care what the IP is. At least that's how I'm interpreting the original poster's requirements. 
hoolioCirrostratus
Sorry Citizen, I was being a dolt thinking that you were checking for a blacklisted URI with something like this:
if {$black_listed_uri && !($allowed_ip)}{
reject
} else {
allow
}
So you and iRuleYou are entirely correct. The only potential issue is if an allowed IP is able to obfuscate the URI they'd be able to bypass the iRule security and make a request to a non-white-listed URI.
Aaron- JRahmwhew. It's been a couple days of fail for me, so it's good to know I'm not losing it.
