Forum Discussion
Irule based on source IP and URI request
Hi Jean,
A redirect is always URL related, and a forward is pool related. You somehow mixed redirect and pool in your question which makes no sense for me.
Could you clarify you current setup slightly more in detail?
You have a VS which is serving content from lets say Pool_A? Now you want to forward requests to Pool_B, if known Client IPs requesting a specific /path? Or do you want to HTTP redirect the requests to an external site (e.g. https://sitename/ ), if known Clients requesting a specific /path?
Cheers, Kai
- Jean_MamèneDec 05, 2022Cirrus
Actually I have iRule1
I need iRule2. two source IP different but same request URI, and if source IP is 10.0.0.1 I need to go on pool1 and pool2 if 10.0.0.2- Kai_WilkeDec 05, 2022MVP
HI Jean,
Ideally you could integrate the Source IP Condition to your existing iRule. If you attach a second iRule to your setup without knowing what the first iRule does, it may have some side effects. But lets give it a try with a carefully choosen syntax...
when HTTP_REQUEST priority 750 { # Check if iRule 1 has already responded the request... if { [HTTP::has_responded] == 1 } then { # iRule 1 has already HTTP::responded the request. We abort iRule execution... } elseif { not [string tolower [HTTP::path]] starts_with "/uri1/test" } then { # HTTP request is for a different path. We should not care... } elseif { [IP::client_addr] equals "10.0.0.1" } then { # Client 10.0.0.1 is sending requests to /uri1/test. We forward to pool1 pool pool1 } elseif { [IP::client_addr] equals "10.0.0.2" } then { # Client 10.0.0.2 is sending requests to /uri1/test. We forward to pool2 pool pool2 } else { # We dont care for remaining clients... } }
The provided iRule uses "priority 750" and should therefor most likely execute after your first iRule (default priority is 500 unless specified otherwise) finished. The provided iRule checks at first if your first iRule has already HTTP::responded the incomming request and aborts further processing if this is true. It will then filter out every HTTP::path not starting_with /uri1/test and abort further processing. Requests starting_with /uri1/test will be further analysed, to see if the client is 10.0.0.1 or 10.0.0.2 and request from those clients will be then forwarded either to pool1 or pool2. The iRule does nothing for remaining client IPs...
HTH and Cheers, Kai
- Jean_MamèneDec 07, 2022Cirrus
Thank's !
But I think it's better to swap irule order.
Because in this state, iRule1 match all time if 10.0.0.1 want to go on /uri1/test1. iRule1 don't have source IP condition.
I think it's better to have iRule2 more strict in first place and if it's not IP 10.0.0.1 or 10.0.0.2 iRule1 in second place match with.
regards
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com