Forum Discussion
Supahoopsa_8892
Nimbostratus
Jun 10, 2011IRule not working - sytnax error or something else?
I have tried writing my first iRule to check the url of my site and then depending on which site the user is attempting to access, I then check a list of approved IP addresses.
If the clients IP address is not found in the list, I redirect them to an unauthorised page, otherwise I let them through.
This is my code:
when HTTP_REQUEST {
switch -glob [string tolower [HTTP::uri]] {
"*XXX*" {
if not { matchclass [IP::client_addr] equals $::XXX_access_list } {
HTTP::redirect https://MyXXXUnauthPage.com
}
}
"*YYY*" {
if not { matchclass [IP::client_addr] equals $::YYY_access_list } {
HTTP::redirect https://MyYYYUnauthPage.com
}
}
"*ZZZ*" {
if not { matchclass [IP::client_addr] equals $::ZZZ_access_list } {
HTTP::redirect https://MyZZZUnauthPage.com
}
}
}
}
Is there a syntax error here or have I just gor my logic wrong.
Any help would be GREATLY appreciated.
- Michael_Yates
Nimbostratus
Try this:when HTTP_REQUEST { switch -glob [string tolower [HTTP::uri]] { "*XXX*" { if { !([matchclass [IP::client_addr] equals $::XXX_access_list]) } { HTTP::redirect https://MyXXXUnauthPage.com } } "*YYY*" { if { !([matchclass [IP::client_addr] equals $::YYY_access_list]) } { HTTP::redirect https://MyYYYUnauthPage.com } } "*ZZZ*" { if { !([matchclass [IP::client_addr] equals $::ZZZ_access_list]) } { HTTP::redirect https://MyZZZUnauthPage.com } } } }
- Supahoopsa_8892
Nimbostratus
Hi Michael, thanks for your quick feedback.when HTTP_REQUEST { switch -glob [string tolower [HTTP::uri]] { "*client*" { if { !([matchclass [IP::client_addr] equals $::site_access_list]) } { HTTP::redirect https://site } } } }
- hoolio
Cirrostratus
If you're on 9.4.4 or higher you should remove the $:: prefix from the datagroup name. It will demote the iRule from CMP in any version, but won't work at all to access the datagroup in v10+:
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects