For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Supahoopsa_8892's avatar
Supahoopsa_8892
Icon for Nimbostratus rankNimbostratus
Jun 10, 2011

IRule not working - sytnax error or something else?

I have tried writing my first iRule to check the url of my site and then depending on which site the user is attempting to access, I then check a list of approved IP addresses.       If t...
application delivery
dev
devops
iRules
Supahoopsa_8892's avatar
Supahoopsa_8892
Icon for Nimbostratus rankNimbostratus
Jun 10, 2011
Hi Michael, thanks for your quick feedback.

 

 

I've just applied the changes with your recommendations, but it appears we're still having problems with the matchclass aspects. I wanted to state that I created "site_access_list" as a Data Group in the BIGIP UI. It contains multiple Host and Network addresses. Anything I should be considering on that?

 

 

Code looks like:

 

 


when HTTP_REQUEST { 
    switch -glob [string tolower [HTTP::uri]] { 
        "*client*" { 
            if { !([matchclass [IP::client_addr] equals $::site_access_list]) } { 
HTTP::redirect https://site
            } 
        } 
    } 
}