Forum Discussion
NimbostratusIrule filtering via uri with depth
This is what i want to do and try to do but no joy.
I try to filter a request with depth so for example url is;
a.x.com/s/control or a.x.com/xyz/zyx/control So this is where i want to apply the rule. as on url if 2nd and 3rd depth, if it only contains "/control" on 2nd and 3rd depth and client does not have datagroup listed ip reject else return
Irule;
when HTTP_REQUEST {
if { ( [URI::path [HTTP::uri] 2 3] contains "/control") and not ([class match [IP::client_addr] eq ss_allowed_address]) } {
reject
}
else {
return
}
}
2 Replies
- Kevin_Stewart
Employee
It looks like you've stumbled upon an unusual behavior. First, if you want to get the value of a single path element with the URI::path command, use the same start and end values.
if { [URI::path [HTTP::path] 2 2] equals "/control/" }Where that appears to break down though is when looking at a last path element that doesn't end with /, in which case URI::path simply returns "/".
http://x.y.com/a/b/c/d/control/ vs. http://x.y.com/a/b/c/d/controlI was able to work around this by basically turning the path into a list and evaluating specific list elements like so:
when HTTP_REQUEST { if { ( [lindex [split [HTTP::path] "/"] 2] contains "control" ) or ( [lindex [split [HTTP::path] "/"] 3] contains "control" ) } { if { not ( [class match [IP::client_addr] equals ss_allowed_address] ) } { reject } else { return } } }Let me know if that works.
maximillean_953Thanks my friend. You are the one. Rule works perfectly with depth. Exactly the way I need it.
Take care and be well
Btw I was the one who added you on linkedin.
