Forum Discussion

Altocumulus

Aug 21, 2013

iRule to Allow Certain Client IP

Hi, I have a situation where I need to permit certain IPs to access HTTP content, to do this, I have an iRule that is using a switch based off of the client IP like this: when HTTP_REQUEST {...

application delivery

availability

BIG-IP Access Policy Manager (APM)

Admin

Aug 21, 2013

you bet. Use a datagroup and then use the class command to extract the pool you want based on source.

ltm data-group internal /Common/iplist {
    records {
        192.168.1.1/32 {
            data my-pool
        }
        192.168.2.0/24 {
            data your-pool
        }
    }
    type ip
}


when HTTP_REQUEST {
  if { ([HTTP::host] contains "my.site.com" } {
    set pool [class match -value -- [IP::client_addr] equals iplist]
    catch { pool $pool }
  } else {
    HTTP::respond 200 content [ifile get AccessDenied]
  }
}

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)