irule rejecting all the request

Question

we have created below irule in which we want to allow one ip address to access the normal website all other request should be rejected but when we place below rule url is not opening even for 10.1.1.1 &nbsp;
when HTTP_REQUEST { if { [HTTP::host] contains "a.b.com" } { switch [IP::addr [IP::client_addr] mask 255.255.255.255] { "10.1.1.1" { pool Pool_A_Prod } default { reject } } } }&nbsp;

lee_payne_53457 · Answer

We use something similar to the below to block access to some sites, unless you are aplpying the iRule to multiple VIP's or have multiple DNS names pointing to the same VIP I wouldn't bother looking in the host header it adds needless complication.
    set clientip [IP::client_addr]

if { [IP::addr 10.1.1.1/32 equals $clientip] } {

pool pool_a
}
else {
    reject
}

thomas_gobet · Answer

I'm sorry to ask you that but why did you post it a second time ?
There's already your own question here : https://devcentral.f5.com/questions/irule-not-working-23758

iheartf5_45022 · Answer

Your problem was trying to use a switch statement with [IP::addr [IP::client_addr] mask 255.255.255.255] - it doesn't work like that.  Use the syntax lapayne suggests.&nbsp;

Forum Discussion

irule rejecting all the request

3 Replies

Bram - January 2026 Featured Member

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Raise your hand if you'll be at AppWorld 2026

RDP Webtop deployment

Maintenance page / local website that includes subfolders

VIPRION B2250 to VELOS CX410 and BIG-IPr10900 migration

Single LTM with multiple GTM domains

Related Content

irule reject request when payload field is null

HTTP Request Smuggling Using Chunk Extensions (CVE-2025-55315)

Logging DNS Requests

IRule for Exact resource access rejection

iRule to take cookie from HTTP Response into HTTP Request via table

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS