Forum Discussion
NimbostratusiRule to Allow the String for specific IP Address and block the access for rest
Hi Experts,
I have requirement to allow the String "/___special___" only from Internal Network and Block the access for rest of the world.
I have created below iRule:
Created the Data Group Local Traffic ›› iRules : Data Group List -> Internal_IP = 10.6.0.0/24
iRule: when HTTP_REQUEST { if {[HTTP::uri] contains "/___special___"} { if {not[class match [IP::client_addr] equals Internal_Net] } { log local0.alert "Rejecting \"[HTTP::host][HTTP::uri]\" Special request from [IP::client_addr]" reject } } }
I have tested the URL which contains the string, but the URL didn't work.
Also tried one more iRule -
when HTTP_REQUEST { if { ([string tolower[HTTP::uri]] equals "/___special___") and ([class match [IP::client_addr] eq Internal_Net]) } { else { reject } } }
But both didn't work.
FYI: The iRule and the Data group are in different Partition. Is this may cause any issue.
Please assist me.
Thanks in advance. Dhruav S.
Lee_SutcliffeNacreous
You need to specify the partition when calling the datagroup if this is in anything else other than /Common/. Also if both partitions are child partitions, they will not be able to access each other's content.
when HTTP_REQUEST { if {([HTTP::uri] contains "/___special___") && (not[class match [IP::client_addr] equals /partition/Internal_Net])} { log local0.alert "Rejecting \"[HTTP::host][HTTP::uri]\" Special request from [IP::client_addr]" reject } }MP