Forum Discussion
iRule lookup IP address from remote json endpoint and whitelist source traffic?
I've been tasked with investigating the possibility to whitelist traffic from source IP addresses that are matched against a remote list, implemented as an API endpoint that returns a json array of permitted CIDR addresses.
Incoming traffic would arrive on the bigip, the source address would be matched through an iRule that would look up the address against a remote API endpoint containing whitelisted addresses and if there is a match it would pass the traffic, if not, return unauthorized.
I wanted to see if anyone in the F5 community has tried to implement such a function? The closest post I have come across (from 2007) is here.
I am aware the source data would usually go in a data group, or a remote data group but I have no way of transferring a remote list onto the F5. Even if I did that list would have to be updated on a frequent schedule.
I am also aware of the downsides to any approach to have an iRule make a remote call out (blocking, zero data returned, API call made for each connection etc) but as I say it is just research at this point. It might well be that it is simply not a feasible task.
Thanks, Will.
- zamroni777
Nacreous
You can use the "send" function in iRules.
You can use it to send an HTTP (but not HTTPS) query to another server: https://clouddocs.f5.com/api/irules/send.html
If the IP list does not change frequently,
you can sftp the list file to the F5
and schedule (using crontab) a tmsh command to update the datagroup,
then use the datagroup in a local traffic policy or iRules to do IP filtering: https://clouddocs.f5.com/cli/tmsh-reference/v16/modules/ltm/ltm_data-group_external.html
supersideband can also send http/https requests: "HTTP Super SIDEBAND Requestor (Client) Handles Redirects, Cookies, Chunked Transfer, APM Access, etc".
Other than that you can review the icall script for office365: "Dynamic IP update of Office365 addresses and store them in data-groups | DevCentral" / "GitHub - f5devcentral/f5-office365-ip-url-automation: This Python script will perform REST API calls to the Office 365 IP Address and URL web service and creates Data-Groups and/or Custom URL Category."
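The data-group route suggested in the replies above, as an added example that is not part of the thread or of F5's own tooling: it validates the endpoint's JSON array and renders records for an address-type external data-group file, refusing an empty or malformed feed so a bad response never replaces the last good list. The flat array-of-strings response shape, the `host`/`network` record syntax and the minimum-prefix guard are assumptions; fetching the feed and loading the file with tmsh are left out.

```python
import ipaddress
import json

# Assumption: a prefix broader than this is treated as a feed error, not policy.
MIN_PREFIX = {4: 8, 6: 16}


def parse_allowlist(body: str) -> list:
    """Validate a JSON array of CIDR strings; raise ValueError on bad data."""
    try:
        entries = json.loads(body)
    except json.JSONDecodeError as exc:
        raise ValueError(f"feed is not valid JSON: {exc}") from exc
    if not isinstance(entries, list) or not entries:
        # "Zero data returned" must fail closed on the update, not empty the list.
        raise ValueError("feed must be a non-empty JSON array")
    nets = set()
    for item in entries:
        if not isinstance(item, str):
            raise ValueError(f"non-string entry: {item!r}")
        try:
            # strict=False masks off stray host bits (203.0.113.5/24 -> .0/24).
            net = ipaddress.ip_network(item.strip(), strict=False)
        except ValueError as exc:
            raise ValueError(f"bad CIDR {item!r}") from exc
        if net.prefixlen < MIN_PREFIX[net.version]:
            raise ValueError(f"{net} is broader than the allowed minimum prefix")
        nets.add(net)  # the set drops duplicates
    return sorted(nets, key=lambda n: (n.version, n.network_address, n.prefixlen))


def render_datagroup(nets) -> str:
    """Render records for an address-type external data-group file (assumed syntax)."""
    lines = []
    for net in nets:
        if net.prefixlen == net.max_prefixlen:
            lines.append(f"host {net.network_address},")
        else:
            lines.append(f"network {net.with_prefixlen},")
    return "\n".join(lines) + "\n"


# Constructed sample response from the hypothetical endpoint.
SAMPLE = '["203.0.113.0/24", "198.51.100.7/32", "2001:db8::/32", "203.0.113.0/24"]'

if __name__ == "__main__":
    print(render_datagroup(parse_allowlist(SAMPLE)), end="")
```

Write the rendered text to a temporary file and swap it into place only after `parse_allowlist` succeeds, so a failed fetch leaves the previous data group untouched.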