Forum Discussion

Woodman_42259's avatar
Woodman_42259
Icon for Nimbostratus rankNimbostratus
Feb 10, 2012

iRule to block a specific destination IP?

I have a TLM1600 (BIG-IP 10.2.0 Build) and need to block incoming traffic that is destined for a specific public IP address (not domain name). Will the following iRule work? Thanks! when HTTP_...
application delivery
dev
devops
iRules
nitass's avatar
nitass
Icon for Employee rankEmployee
Feb 10, 2012
in case of using fastl4 profile. 

[root@ve1023:Active] config  b virtual bar list
virtual bar {
   snat automap
   pool gateway
   destination any:any
   mask 0.0.0.0
   ip protocol 6
   rules myrule
   profiles fastL4 {}
}

[root@ve1023:Active] config  tcpdump -nni 0.0 host 8.8.8.8
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on 0.0, link-type EN10MB (Ethernet), capture size 108 bytes
16:32:51.479054 IP 200.200.200.101.44154 > 8.8.8.8.80: S 26962956:26962956(0) win 5840 
16:32:51.479118 IP 8.8.8.8.80 > 200.200.200.101.44154: R 0:0(0) ack 26962957 win 0