iRule to block networks works, sometimes.....

Question

I just want to block googlebot requests to certain virtual servers at the LTM but this rule doesn't seem to work. Oddly enough, when I change the IP values to block my own internal network subnets at the same virtual servers, it works. I had to block at the router where I could see in the logs the rejection of the IP specified, so I know the IP is coming into my network as expected (not NAT'd).  &nbsp;
&nbsp;when CLIENT_ACCEPTED {
&nbsp;  if { [IP::addr [IP::remote_addr] equals 60.249.0.0/255.255.0.0] } {
&nbsp;     reject
&nbsp;  }
&nbsp;}&nbsp;
&nbsp;Any help is appreciated.

joe_pruitt · Answer

Did you log the value of IP::remote_addr to verify it's correct when googlebot is trying to access it?
Wouldn't it be simpler to use a user-agent test?when HTTP_REQUEST {
  if { [string tolower [HTTP::header "User-Agent"]] contains "googlebot" } {
    reject
  }
}
This would block googlebot from any source network and is very easy to test with the user-agent switcher in FireFox.
-Joe

sfracass_83515 · Answer

BUT,  Googlebot is a legitimate useragent for organizations with google appliances. We needed to specifically block Google's googlebot.

Forum Discussion

iRule to block networks works, sometimes.....

Recent Discussions

Diameter iRules attachment?

Source IP F5 DNS Zone Forwarder

F5 BIG-IP

BIG-IP Oauth Client and AS

How to Renew F5 Device Certificate

Related Content

What is Multi-Cloud Networking?

Demo Guide & Video Series for F5 Distributed Cloud Network Connect (Multi-Cloud Networking)

Community Learning Path: Multi-Cloud Networking

A complete Multi-Cloud Networking walkthrough with F5 Distributed Cloud

F5 BIG-IP deployment with OpenShift - platform and networking options

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS