Forum Discussion
Nimbostratusirule for specific pools
NimbostratusHi,
If you do not want to create a data group, you can try the below one:
when HTTP_REQUEST {
if { [IP::addr [IP::client_addr] equals 1.1.1.0/24] } {
do nothing
} elseif { [IP::addr [IP::client_addr] equals 2.2.2.0/24] } {
HTTP::redirect "https://www.test.com";
}
}
bsbMissed one part, LTM is behind proxy which hides the incoming client ip, tried below option, still didn't work.
i am trying to access the site from 2.2.2.x network and instead of redirect, posting a custom message
when HTTP_REQUEST { HTTP::header insert X-Forwarded-For [IP::remote_addr] if { [IP::addr [IP::client_addr] equals 1.1.1.0/24] } { do nothing } elseif { [IP::addr [IP::remote_addr] equals 2.2.2.0/24] } { HTTP::respond 503 content {
} } }
- bsb
below content were removed.
< html> < head>< title> regret message < /title>< /head> < /html>
- oguzy_191375
Hi,
when HTTP_REQUEST { HTTP::header insert X-Forwarded-For [IP::client_addr] if { [IP::addr [HTTP::header X-Forwarded-For] equals 1.1.1.0/24] } { do nothing } elseif { [IP::addr [HTTP::header X-Forwarded-For] equals 2.2.2.0/24] } { HTTP::respond 503 content "Page is currently unavailable." event disable TCP::close } }If it does not work again, please share any errors if exist in the /var/log/ltm or try to logging for debug.
- bsb
Hi, page is accessible on both subnets, no errors on tcpdump as well. tried to log under authorized subnet 1.1.1.0/24, it doesn't update the logs.
when HTTP_REQUEST { HTTP::header insert X-Forwarded-For [IP::client_addr] if { [IP::addr [HTTP::header X-Forwarded-For] equals 1.1.1.0/24] } { log local0. "authsubnet":[IP::client_addr]
- oguzy_191375
Would you mind logging the X-Forwarded-For in HTTP request and checking IP address whether it matches to if condition or not?
log local0. "X-Forwarded-For: [HTTP::header X-Forwarded-For]"
