Forum Discussion
AltostratusIrule drop on geolocation or ip assistance
You can do it via a datagroup, Create a datagroups named -
- whitelist_countries and add records with AU & CN.
- whitelist_ips and add records with 1.2.3.4 5.6.7.9
Then with the Irule take action accordingly, you can store the details in variables for better view, understanding & logging. Take out else section if you feel not needed.
when CLIENT_ACCEPTED { set country [whereis [IP::client_addr] country] set source [IP::client_addr] if { (![class match $country equals whitelist_countries]) or (![class match $source equals whitelist_ips]) } { log local0. "Dropping connection of Source IP: $source, Country: $country" drop } else { log local0. "Allowing connection of Source IP: $source, Country: $country" } }Hope it helps. Test and update back.
Note: Even if you whitelist some IP's and if they are part of blocked country, it will drop it. Because you are using OR operation. You can use nested if logic to adjust accordingly.
NoctilucentYou can do it via a datagroup, Create a datagroups named -
- whitelist_countries and add records with AU & CN.
- whitelist_ips and add records with 1.2.3.4 5.6.7.9
Then with the Irule take action accordingly, you can store the details in variables for better view, understanding & logging. Take out else section if you feel not needed.
when CLIENT_ACCEPTED {
set country [whereis [IP::client_addr] country]
set source [IP::client_addr]
if { (![class match $country equals whitelist_countries]) or (![class match $source equals whitelist_ips]) } {
log local0. "Dropping connection of Source IP: $source, Country: $country"
drop
} else {
log local0. "Allowing connection of Source IP: $source, Country: $country"
}
}Hope it helps. Test and update back.
Note: Even if you whitelist some IP's and if they are part of blocked country, it will drop it. Because you are using OR operation. You can use nested if logic to adjust accordingly.
