Forum Discussion

mike_89584's avatar
mike_89584
Icon for Nimbostratus rankNimbostratus
Jun 13, 2016

iRule help

Hi I have two separate irules - one to restrict access to certain IPs and one to force basic authentication, and I now find that I need to combine the two, that is allow certain IPs to a VIP (or fold...
  • Yann_Desmarest_'s avatar
    Jun 13, 2016

    Hi,

    haven't understand quite well your requirement. Here the new try :

    when HTTP_REQUEST { 
        if { [IP::client_addr] eq "xxx.xxx.xxx.xxx" } {
            pool Pool_my_pool.com
        } else {
            binary scan [md5 [HTTP::password]] H* password
            if { [class lookup "[HTTP::username]" local_user_dgroup] equals $password } {
                log local0. "User [HTTP::username] has been authorized to access virtual server [virtual name]" 
            } else {
                log local0. "User [HTTP::username] has been denied access to virtual server [virtual name]"
                HTTP::respond 401 WWW-Authenticate "Basic realm=\"Secured Area\""
            }   
        }
    }