alex100
Nov 09, 2023Cirrostratus
Solved
iRule operator evaluation order OR/AND
Hi all, This must be some simple syntax problem but I have been bashing my head for a while. Here is the irule: when HTTP_REQUEST {
if {(![class match [getfield [IP::client_addr] "%" 1]...
- Nov 09, 2023
Hi alex100,
It might be better to think in parts.
when HTTP_REQUEST { #if uri matches with uripath_a: if { [class match [string tolower [HTTP::uri]] contains /Common/uripath_a] } { #log local0. "Log1 - Uri matched [HTTP::host][HTTP::uri]" #if Client IP doesn't match with tcp_whitelist if { !([class match [getfield [IP::client_addr] "%" 1] eq /Common/tcp_whitelist]) } #log local0. "Log2 - Uri matched [HTTP::host][HTTP::uri] | Client IP did not match [IP::client_addr]" #if XFF doesn't match with xff_whitelist if { !([class match [getfield [HTTP::header X-Forwarded-For] "%" 1] eq /Common/xff_whitelist]) } #log local0. "Log3 - Uri matched [HTTP::host][HTTP::uri] | Client IP did not match [IP::client_addr] | XFF did not match [HTTP::header X-Forwarded-For]" } #if Client IP doesn't match with tcp_whitelist and XFF matches with xff_whitelist else { #log local0. "Log4 - Uri matched [HTTP::host][HTTP::uri] | Client IP did not match [IP::client_addr] | XFF matched [HTTP::header X-Forwarded-For]" } #if Client IP matches with tcp_whitelist else { #log local0. "Log5 - Uri matched [HTTP::host][HTTP::uri] | Client IP matched [IP::client_addr]" #if XFF doesn't match with xff_whitelist if { !([class match [getfield [HTTP::header X-Forwarded-For] "%" 1] eq /Common/xff_whitelist]) } #log local0. "Log6 - Uri matched [HTTP::host][HTTP::uri] | Client IP matched [IP::client_addr] | XFF did not match [HTTP::header X-Forwarded-For]" } #if Client IP matches with tcp_whitelist and XFF matches with xff_whitelist else { #log local0. "Log7 - Uri matched [HTTP::host][HTTP::uri] | Client IP matched [IP::client_addr] | XFF matched [HTTP::header X-Forwarded-For]" } } } #if uri doesn't match with uripath_a else { #log local0. "Log8 - Uri did not match [HTTP::host][HTTP::uri]" } }
I think you want this condition:
when HTTP_REQUEST { if { !([class match [getfield [IP::client_addr] "%" 1] eq /Common/tcp_whitelist]) and !([class match [getfield [HTTP::header X-Forwarded-For] "%" 1] eq /Common/xff_whitelist]) and ([class match [string tolower [HTTP::uri]] contains /Common/uripath_a]) } # log local0. "Batman Client IP [IP::client_addr], Client XXF IP [HTTP::header X-Forwarded-For], [HTTP::method], URL: [HTTP::host][HTTP::uri]" } else { pool pl-something-WEB-443 } }
some function with different operators:
when HTTP_REQUEST { if { !(([class match [getfield [IP::client_addr] "%" 1] eq /Common/tcp_whitelist]) or ([class match [getfield [HTTP::header X-Forwarded-For] "%" 1] eq /Common/xff_whitelist])) and ([class match [string tolower [HTTP::uri]] contains /Common/uripath_a]) } # log local0. "Batman Client IP [IP::client_addr], Client XXF IP [HTTP::header X-Forwarded-For], [HTTP::method], URL: [HTTP::host][HTTP::uri]" } else { pool pl-something-WEB-443 } }