Forum Discussion
Tim_V
Apr 20, 2021Nimbostratus
iRule for IP restriction with multiple virt servers and multiple DGL of allowed IPs.
I have read through a multitude of threads, but my scenario seems a little unique. A little background so it all makes sense. We serve multiple customers with their own site, each site is a ...
Tim_V
Nimbostratus
To clarify the last sentence, I know how to create the data group list, how to I add it into the iRule.
spalande
Apr 20, 2021Nacreous
something sort of below. Modify datagroup name accordingly
when HTTP_REQUEST priority 100 {
if { ( [string tolower [HTTP::host]] equals "1000-t01.DOMAIN.COM" ) and ( not ( [class match [IP::client_addr] equals COMPANY-1000-CUSTOMER-DG-Allow ] or [class match [IP::client_addr] equals newmonitorcompany-DG-Allow] ) ) } {
# log local0. "Invalid CUSTOMER client IP: [IP::client_addr] - Blocking traffic"
HTTP::respond 200 content [ifile get COMPANY_ip_forbidden]
after 50 drop
event disable
}
}
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects