Forum Discussion

kh1
Apr 21, 2024

iRule for Host block with custom ASM violation

Dears,

 

I have the following scenarios:

1. If traffic is from an internal user/IP ---> Allow connection

2. Traffic from the internet
2.1) Block access only on host name (URL), that is -----> https://XYZ.com
2.2) Allow access to URIs, that is -------> https://XYZ.com/abc or https://XYZ.com/*

I tried multiple ways and found some solutions, but it's not working. It would be great if someone could help here.

 

when HTTP_REQUEST {
    set reqBlock 0
    if {[string tolower [HTTP::host]] eq "XYZ.Google.com" && [IP::addr [IP::client_addr] equals "10.0.0.0/8"]} {
        log local0. "[IP::client_addr] triggered geo"
        set reqBlock 1
    }
}

when ASM_REQUEST_DONE {
    if {$reqBlock == 1} {
        ASM::raise VIOLATION_URL_GEOLOCATION
    }
}

 

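  • when HTTP_REQUEST priority 500 {
        # Allow internal clients (10.0.0.0/8) to any host,
        # and any client that requests host xyz.com.
        if { ([IP::addr [IP::client_addr] equals 10.0.0.0/8]) || ([HTTP::host] eq "xyz.com") } {
            return
        } else {
            # Everything else is rejected with a 403.
            HTTP::respond 403 content "Access Denied"
        }
    }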

    Strictly with an iRule, this should be close to what you need to allow requests from 10/8 to any host or require host xyz.com. If you have ASM, you can configure this in the policy and you shouldn't need an iRule at all.
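
An added example (not code from either poster) of one way to express the question's scenario as an iRule: clients in 10.0.0.0/8 always pass, and external requests for the bare host are flagged so that the user-defined ASM violation named in the question is raised. It assumes that "host name only" means the path `/`, that `xyz.com` stands in for the real host, and that the violation exists in the ASM policy with iRule events enabled there.

```tcl
when HTTP_REQUEST {
    # Reset the flag on every request; connections can carry several requests.
    set reqBlock 0

    # Internal clients (10.0.0.0/8, the range used in the thread) are always allowed.
    if { [IP::addr [IP::client_addr] equals 10.0.0.0/8] } {
        return
    }

    # Normalize the Host header: drop any ":port" suffix and lowercase it,
    # so the literal it is compared with must be lowercase as well.
    set host [string tolower [getfield [HTTP::host] ":" 1]]

    # Assumption: "host name only" means the site root, i.e. path "/".
    # HTTP::path excludes the query string, so "/?x=1" also counts as the root.
    if { $host eq "xyz.com" && [HTTP::path] eq "/" } {
        log local0. "[IP::client_addr] requested bare host $host from outside 10.0.0.0/8"
        set reqBlock 1
    }
}

when ASM_REQUEST_DONE {
    # Raise the user-defined violation (name taken from the question) for flagged requests.
    if { $reqBlock == 1 } {
        ASM::raise VIOLATION_URL_GEOLOCATION
    }
}
```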