For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Subhajit1107_38's avatar
Subhajit1107_38
Icon for Nimbostratus rankNimbostratus
Apr 11, 2019

iRule to block IP and URL

Hi,

I want an iRule to block a set of IP's hitting a set of url's and log the blocking Could you please check the below iRule and update if any error.

when HTTP_REQUEST {

set url [HTTP::host][HTTP::uri]

 if {[class match $url contains blocklist_url] and [class match [IP::client_addr] equals restrict_ip]} {

    drop
 log local0. "Blocking clientIP:[IP::client_addr] trying to access $url"
 }
}
application delivery
iRules
LTM

2 Replies

  • Lee_Sutcliffe's avatar
    Lee_Sutcliffe
    Icon for Nacreous rankNacreous
    Apr 11, 2019

    The variable $url will not contain the protocol (HTTP or HTTPS)

     

    It will contain a value such as this:

     

     

    This isn’t an issue but you need to make sure you have configured your data group to use this format.

     

    Other than that, looks ok. Just try it!

     

  • youssef1's avatar
    youssef1
    Icon for Cumulonimbus rankCumulonimbus
    Apr 11, 2019

    Hi,

     

    It looks ok, you confirm that you ant to block a specific IP AND URL (AND and not OR)?

     

    You can also achieve your need using ltm Policy...

     

    regards