Forum Discussion
iRule expressions for not-eqauls in datagroup
Thanks for the response! With the irule that you provided -- it looks to me that if the uri and datgroup list are present that it will allow the traffic to go to the pool. Then if the ip address is NOT present, then it will redirect all traffic to the external page. The issue I forsee happening is that it will break all other traffic to this pool. There are many other URI's that should work, but I believe would now get redirected based on this. Example..
Currently this application has two logon pages one for java and one for non java. The URI's have different paths (Java = /uri/java/logon vs Non-Java /uri/app/logon), so this was easy for me to create an iRule only allow a match on that java uri and data group list, then if not, then send to nonjava. We discovered later on that we had users that had bookmarks within this application that can get around the actual logon page. So when you logon to the actually application, the uri changes to uri/random/landingpage.do for the java page and then uri/random/landingpage.do?ESS=true. Since the java and non java are so close in name, I have to figure a way to say if you are coming from this datagroup IP list and equals uri/random/landingpage.do to allow the traffic to happen, but if you are coming from an IP address outside of the datagroup list and equals uri/random/landingpage.do, then send to the external page.
Hi,
The question was way to use "not" on that iRule, was what I tried to show the way.
The conditional "[HTTP::uri] equals /logon/java" will affect only this exactly path, so, other paths or same with other querystring will not be affected.
e.g.
/logon/java = Yes, affected
/logon/Java = not affected
/logon/java?param=value = not affected
/path1/logon/java = not affected
/logon/java/path3 = not affected
/whatever= not affected
In that rule, anything else than "/logon/java" (exact chars and case) will not be affected or broke as we are using "equals" operator on HTTP::uri (path + querystring).
I think didn't quite understand your goal explained on your last reply.
What is your goal since you mentioned that you wrote a rule?
Are you facing issue to read a randomly path to permit only Java clients IP?
Best regards
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com