Forum Discussion
Reginald_Sible1
Nimbostratus
NimbostratusiRule to block anything containing /user thats not coming for internal network
iRule to block anything containing /user thats not coming for internal network specified in datagroup. I have the following logic but its for the entire url..how can I make it just /user on the VIP?
rule URL-user_rule { when HTTP_REQUEST { switch -glob [string tolower [HTTP::host]] { domain.name.com { if { not ([class match [IP::client_addr] equals sntru_net]) } { discard } } default { pool [LB::server pool] } } } }
4 Replies
I assume you still want to match the Host header and you want to match anything starting with "/user":
when HTTP_REQUEST { if { [string tolower [HTTP::host]] eq "domain.name.com" and not ([class match [IP::client_addr] equals sntru_net]) } { switch -glob [HTTP::path] { "/user" - "/user/*" { discard } } } }You don't need the
branch because selection of the assigned pool is what will happen by default already.default
Reginald_Sible1Thank you very much
VernonWellsEmployee
I assume you still want to match the Host header and you want to match anything starting with "/user":
when HTTP_REQUEST { if { [string tolower [HTTP::host]] eq "domain.name.com" and not ([class match [IP::client_addr] equals sntru_net]) } { switch -glob [HTTP::path] { "/user" - "/user/*" { discard } } } }You don't need the
branch because selection of the assigned pool is what will happen by default already.default- Reginald_Sible1Thank you very much
