Forum Discussion

  • I resolved the issue by using the LTM Policy instead of the iRule.

  • In the long run it would be easier to use irule data groups so you can adding urls and IPs without touching the irule

    • jayson27's avatar
      jayson27
      Icon for Cirrus rankCirrus

      Hi Aswin,

       

      Yes we will allow only specific IPs to access specific URL

      • Aswin_mk's avatar
        Aswin_mk
        Icon for Cumulonimbus rankCumulonimbus

        Hi jayson27

        Did you get expected answer. ? I can see so many irule attached in this conversation now

         

         

  • hello ,

    yes it is possible.. here is the example.. 

    when HTTP_REQUEST {
        set srcip [IP::client_addr]
        if { [HTTP::header exists "X-Forwarded-For"] } {
            set srcip [HTTP::header "X-Forwarded-For"]
            #log local0. "USER-SOURCE $srcip"
        }
     
        if  { [HTTP::path] starts_with "/xzy" } {
            switch $srcip {
                "13.174.130.182" -
                "31.121.101.157" -
                "35.77.107.183" {
              ACCESS::disable
                }
            }
        }
    }

    • jayson27's avatar
      jayson27
      Icon for Cirrus rankCirrus

      Hi,

      Can you tell me if below is correct?

       

      if  { [HTTP::path] starts_with "/xzy" } {        <<<<<<<<< URL
              switch $srcip {
                  "13.174.130.182" -             <<<<<<<<<<<<<<<<< IPs Allowed?
                  "31.121.101.157" -
                  "35.77.107.183" {
                ACCESS::disable                <<<<<<<<<<<<<<<<< Action?

       

      • Ozzy's avatar
        Ozzy
        Icon for Cirrus rankCirrus

        hello Jayson27,

        it is just an example ... 

        instead of ACCESS::disable .. you can user "reject" or

         HTTP::respond 403 content {
                    <html>
                    <head><title>403 Forbidden</title></head>
                    <body>
                    <h1>403 Forbidden</h1>
                    <p>Access denied: Your IP address does not have permission to access this resource.</p>
                    </body>
                    </html>
                } Content-Type "text/html"
                
                # ends the connection
                reject
            }