Forum Discussion

mfarooq's avatar
mfarooq
Icon for Nimbostratus rankNimbostratus
Jul 11, 2024

irule syntex verification

i built below irule to block all other countries accept Saudi arabia. 

but i am getting errors on F5 when want to save it.  below are the errors. 

when HTTP_REQUEST
{
# Define the URI to be protected
set protected_uri "/uri"

# Define the allowed Country

Set allowed_country "SA" 

# Get the country code from the client's IP address

set client_ip [IP::client_addr]
set client_country [whereis $client_ip country]

# check if the URI matches and if the country is allowed

if { 

([HTTPS::uri] equals $protected_uri) && ($client_country for the URI [ HTTP::uri] from IP $client_ip"

#send a 403 Forbidden response

HTTP::respond 403 content "Access denied"
   }
}

 

01070151:3: Rule [/Common/Geofencing] error: /Common/Geofencing:8: error: [undefined procedure: Set][Set allowed_country "SA" ]
/Common/Geofencing:17: error: [parse error: PARSE syntax 392 {syntax error in expression "

([HTTPS::uri] equals $protected_uri) && ($client_country ...": looking for close parenthesis}][{

([HTTPS::uri] equals $protected_uri) && ($client_country for the URI [ HTTP::uri] from IP $client_ip"

#send a 403 Forbidden response

HTTP::respond 403 contecnt "Access denied"
}]
/Common/Geofencing:24: error: [missing a script after "if"][]

  • I believe the following will work.

    when HTTP_REQUEST priority 500 {
    
        # Define the URI to be protected
        set protected_uri "/uri"
    
        # Define the allowed Country
        set allowed_country "SA"
    
        # Get the country code from the client's IP address
        set client_ip [IP::client_addr]
        set client_country [whereis $client_ip country]
    
        # check if the URI matches and if the country is allowed
        if { (([HTTPS::uri] equals ${protected_uri}) && (${client_country} != ${allowed_country})) } {
            # Send a 403 Forbidden response
            HTTP::respond 403 content "Access denied"
        }
    
    }