Forum Discussion

nikhilmbass's avatar
nikhilmbass
Icon for Altocumulus rankAltocumulus
Feb 28, 2022

Irule for restricting access

Hello Members, I have an application hosted on the F5, which also has an I-rule redirect policy attached to it. https://domain.com redirects to https://domain.com/admin/login.jsp This is accesssib...
application delivery
  • CA_Valli's avatar
    CA_Valli
    Feb 28, 2022

    Hello, you should be able to do this either with iRule or with LTM policy. 
    F5 recommends using options available in standard configurations / GUI / traffic profiles over iRule syntax where possible, as they typically perform faster. 

    In your case however using data group lists might be easier to mantain. One IP type data group to list restricted networks, and one string type data group to list restricted URI's. 

    if { class match [HTTP::path] ends_with restricted_uri_class && class match [IP::client_Addr] equals restricted_ip_class } { reject }

neeeewbie's avatar
neeeewbie
Icon for MVP rankMVP
Feb 28, 2022

 

you can use below irule if you using redirection irule on same virtual server

when HTTP_REQUEST {

 if {[HTTP::host] equals "domain.com"}{

if {[HTTP::uri] starts_with "/admin/tools"}{

HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]

}
else if {[HTTP::uri] starts_with "/admin/login.jsp"}{

HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]

}

}
else
default pool

}