Forum Discussion
COf5
Mist
MistiRule for public IP access to specific section of my URL
I will need someone to validate this iRule for me, pls
Request: allow only a public IP or Subnet access to a section of my URL : https://xxx.xxx.com/xxx/* )
Many recommendations welcome.
after adding the ALLOW_x.x.x.x on Data Group List
when HTTP_REQUEST {
if {[HTTP::uri] eq "https://xxx.xxx.com/xxx/*"} {
if {![class match [IP::client_addr] equals ALLOW_x.x.x.x]} {
HTTP::respond 403 content "<html><body>Access not permitted</body></html>" Connection Close
TCP::close
}
}
}
KerryCirrus
HTTP::uri only matches the path. i.e. /xxx/... depending on if you need the quarry string or not if you using http::url or HTTP:: path.
HTTP:host to match the host name. xxx.xxx.com
if {[HTTP::host] eq "xxx.xxx.com"} {
if {[HTTP::uri] starts_with "/xxx/"} {
search f5 irules http::url
search f5 irules http::host
search f5 irules if conditions
Web browser are hard to kickout once connected. no real need for the TCP close.