Forum Discussion

Joe_Clark_45172's avatar
Icon for Nimbostratus rankNimbostratus
Mar 07, 2013

iRule for source IP addresses

I am very new to iRules.


I need some help creating an iRule to make HTTP redirect based on the source IP address






if {([IP::addr [IP::client_addr] equals]


HTTP Redirect











This is the setup that I am trying to do, but it is not getting configured correctly. Has anyone worked on something like this?



Thank you



4 Replies

  • Hi Joe,

    An HTTP::redirect is not valid in the CLIENT_ACCEPTED Event. You may want to consider moving to the HTTP_REQUEST Event.

     when HTTP_REQUEST {
    if { [IP::addr [IP::client_addr] equals] } {
  • Ok, I need to add more detail to my issue:


    This is a connection for a new VMware View 5.1 Environment built on an iApp


    This is connecting to an external IP address that is sent the VIP in our DMZ to connect to Security Servers. The security servers proxy the connection into the Internal VIP for the connection servers.


    This works fine externally. Where we are having issues is when people are on our Guest wireless network which is another DMZ. When the users connect to the security servers, they can login, but can't connect to the View Desktop. We are thinking that this comes from the fact that we don't allow "hair-pinning" on the firewall, so I am looking at a URL rewrite for the users in the Guest wireless DMZ


    So, when a user connects from external, the security servers send a URL for the client to connect to, I need that URL rewritten when sent to the clients.



    so the user connects to the Guest network.



    Those users are on a network


    The URL External is


    The URL Internal is



    This is what I have been looking at




    when HTTP_REQUEST {


    if { ({HTTP::host eq "" and [IP::addr[IP::client_addr] equals]}{


    HTTP::redirect ""





    Does this make sense?


  • if { ({HTTP::host eq "" and [IP::addr[IP::client_addr] equals]}{HTTP::host should be enclosed with bracket i.e. [HTTP::host]



    HTTP::redirect ""i think it should look like the one Michael suggested e.g. HTTP::redirect ", HTTP::redirect "[HTTP::uri]"



    anyway, i never used vmware view but i feel it might not be right. have you tried to run tcpdump/ssldump to see what is going on indeed?



    just my 2 cents
  • I could be mistaken here, but when the user tries to connect to a remote desktop, the security server sends a small piece of XML data to the View client. At the point that the View client attempts to connect, I don't think it's HTTP anymore, or rather not sure the View client can handle a redirect. If that's true, then I think your best bet is to rewrite that XML on its way to the client.