Forum Discussion
CirrusiRule command to allow IP range to access specific URL
I resolved the issue by using the LTM Policy instead of the iRule.
CirrusI don't understand exactly what you want, but I think it would be easier to allow only certain IPs and block the rest... you can update it this way.. I am giving very general examples here, which you can modify and apply as you wish.
when CLIENT_ACCEPTED {
# allowed IPS
set allowed_ips {192.168.1.100 10.0.0.50 172.16.0.20}
#client IP
set client_ip [IP::client_addr]
# check the client IP is in the allowed-IPs
if { [lsearch -exact $allowed_ips $client_ip] < 0 } {
# if not , logged, blocked and message
log local0. "Blocked IP: $client_ip tried to access without permission."
HTTP::respond 403 content {
<html>
<head><title>403 Forbidden</title></head>
<body>
<h1>403 Forbidden</h1>
<p>Access denied: Your IP address does not have permission to access this resource.</p>
</body>
</html>
} Content-Type "text/html"
reject
}
# If the client IP is among the allowed ones, continue as normal workflow
}
CirrusI am now getting the iRule but can I add also the URI to filter.
What we are trying to achieve is when client with IP 10.1.1.1 (sample only) access the http uri path "/example/login" it will be allowed then others will be deny.
