For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

mfarooq's avatar
mfarooq
Icon for Nimbostratus rankNimbostratus
Jul 11, 2024

irule syntex verification

i built below irule to block all other countries accept Saudi arabia.  but i am getting errors on F5 when want to save it.  below are the errors.  when HTTP_REQUEST { # Define the URI to be prote...
application delivery
security
Paulius's avatar
Paulius
Icon for MVP rankMVP
Jul 12, 2024

I believe the following will work.

when HTTP_REQUEST priority 500 {

    # Define the URI to be protected
    set protected_uri "/uri"

    # Define the allowed Country
    set allowed_country "SA"

    # Get the country code from the client's IP address
    set client_ip [IP::client_addr]
    set client_country [whereis $client_ip country]

    # check if the URI matches and if the country is allowed
    if { (([HTTPS::uri] equals ${protected_uri}) && (${client_country} != ${allowed_country})) } {
        # Send a 403 Forbidden response
        HTTP::respond 403 content "Access denied"
    }

}