Forum Discussion
NimbostratusiRule heelp needed to allow only specific IP addresses.
Folks, I am looking for an iRule which allow particular source IP only if a particular URI is in the http request. If this URI is not in the request it should allow all IP's.
e.g. http://nik.test.com/support/test.html should be allowed for only certain IP's as "/support/test.html" is in the iRule. If it is something like http://nik.test.com/xyz/xyz.html it should just allow all the IP addresses.
Any suggestion?
Thanks, Nik
2 Replies
ab30_149107Dear Nikhil,
Try this, I have corrected the syntax errors.
when HTTP_REQUEST { if { ([HTTP::uri] ends_with "/support/test.html") and ( [IP::addr [IP::client_addr] equals 1.1.1.1] ) } { HTTP::redirect "http://[HTTP::host]/support/test.html" } elseif { ([HTTP::uri] ends_with "/support/test.html") } { reject } else { pool test_pool } }
Thank You, Abhisar.
natheCirrocumulus
"http://nik.test.com/support/test.html should be allowed for only certain IP's as "/support/test.html" is in the iRule. If it is something like http://nik.test.com/xyz/xyz.html it should just allow all the IP addresses."
Sounds like you just need to restrict access to one URI. Hopefully this irule is simpler. You'll need to created a datagroup with a list of your allowed IP addresses first then:
when HTTP_REQUEST { if { ([HTTP::uri] ends_with "/support/test.html") and not ([class match [IP::client_addr] equals allowed_ips]) } { reject } }Not near my iRule editor to 100% check syntax. Hope it's correct.
Rgds
N
