Forum Discussion

sandy16's avatar
sandy16
Icon for Altostratus rankAltostratus
Oct 23, 2012

irule for VIP to deny all ports except a few

Hi, i have configured a VIP to listen on any port, BUT i want to restrict it only specific ports and denying rest all.   What`s the simplest way to do this?  
application delivery
dev
devops
iRules
nitass's avatar
nitass
Icon for Employee rankEmployee
Oct 23, 2012
e.g. 

 if-clause

[root@ve10:Active] config  b rule myrule list
rule myrule {
   when CLIENT_ACCEPTED {
   if { !([TCP::local_port] == 80) and !([TCP::local_port] == 8080) } {
      drop
   }
}
}

 switch

[root@ve10:Active] config  b rule myrule list
rule myrule {
   when CLIENT_ACCEPTED {
   switch [TCP::local_port] {
      80 -
      8080 { }
      default {
         drop
      }
   }
}
}