harton
Nov 04, 2013

iRule for IP restriction with blocked IPs redirected to LTM webpage

Hello,

I'm currently running LTM version 10.2.4. Based on an example I found on DevCentral, I'm planning to use an iRule that uses the class command to match source IPs that are defined in a data group. For IPs that are not defined in the data group, is it possible to offer up an LTM webpage that says to contact customer support? Here's what I came up with so far, but of course it's not working:

# this event is triggered when a client - BIG-IP TCP connection is established
when CLIENT_ACCEPTED {
   if { [class match [IP::client_addr] equals approved-ip] } {

      # Uncomment the line below to turn on logging.
      log local0. "Valid client IP: [IP::client_addr] - forwarding traffic"
      # Do nothing... request will be sent to the pool

   } else {

      # Uncomment the line below to turn on logging.
      log local0. "Invalid client IP: [IP::client_addr] - redirecting"
      HTTP::respond 200 content "Contact Customer Support

      Contact Customer Support
      NOTICE: You need to come from an approved network.
      Please call customer support at 888-555-1234, if you have any questions.

      "
   }
}

Thanks for the help! Harton

2 Replies

  • harton
    I'm not sure how to post the html portion without the browser actually converting the code.
  • You'll want to use the HTTP_REQUEST event if you want to use the HTTP::respond command:

    when HTTP_REQUEST {    
        if { not ( [class match [IP::client_addr] equals my_ip_datagroup] ) } {        
            HTTP::respond 200 content "html-formatted content"            
        }        
    }    
    

    You can still technically do all of this in the CLIENT_ACCEPTED event, but then you have to use TCP::respond and build a full HTTP response.
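
The HTTP_REQUEST approach from the reply combined with the support page from the question, as an added example that is not part of the original thread. It assumes the virtual server has an HTTP profile and that `approved-ip` (the name used in the question) is an address-type data group; the HTML tags are constructed here because the original markup was lost when posted, and the 403 status and extra headers are this example's choices (the thread uses 200).

```tcl
# Added example, not code from the thread.
# Assumes: HTTP profile on the virtual server, and an address-type
# data group named approved-ip holding the permitted source networks.
when HTTP_REQUEST {
    if { [class match [IP::client_addr] equals approved-ip] } {
        # Approved source: do nothing, the request is sent to the pool.
        return
    }

    # Braces stop Tcl from substituting anything inside the markup,
    # so quotes, brackets and dollar signs in the HTML need no escaping.
    # The tags are constructed; the visible text is from the question.
    set body {<html>
<head><title>Contact Customer Support</title></head>
<body>
<h1>Contact Customer Support</h1>
<p>NOTICE: You need to come from an approved network.</p>
<p>Please call customer support at 888-555-1234, if you have any questions.</p>
</body>
</html>}

    log local0. "Invalid client IP: [IP::client_addr] - sending support page"

    # 403 instead of 200 so monitors, caches and scripts see a denial
    # rather than a successful page. Content-Type makes the browser
    # render the markup; no-store keeps the block page out of caches
    # in case the client is later added to the data group.
    HTTP::respond 403 content $body "Content-Type" "text/html" "Cache-Control" "no-store" "Connection" "close"
}
```

`IP::client_addr` is the address of the TCP peer, so if clients reach the virtual server through a proxy or NAT device, the data group has to list that device's address rather than the end user's.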