For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Chris_Olson_172's avatar
Chris_Olson_172
Icon for Altostratus rankAltostratus
Dec 11, 2018

irule to Block specific URLs, allow the rest

I need to block traffic from two explicit URLs, but allow all other traffic even if it starts with the same characters as what is blocked. This is my best guess at syntax. Please correct any errors y...
application delivery
iRules
LTM
gscholz_370150's avatar
gscholz_370150
Icon for Nimbostratus rankNimbostratus
Dec 11, 2018

If you remove some brackets and one of the "if"s it works. You can always test it by logging the output to /var/log/ltm, see below.

when HTTP_REQUEST {
    if {[string tolower "[HTTP::host][HTTP::path]"] equals "example.domain.com/xyz/ab/"
    or [string tolower "[HTTP::host][HTTP::path]"] equals "example.domain.com/xyz/ab"} {
        log local0. "Rejected Connection [HTTP::host][HTTP::path], converted [string tolower [HTTP::host][HTTP::path]]"
        reject
    }
}
Chris_Olson_172's avatar
Chris_Olson_172
Icon for Altostratus rankAltostratus
Dec 21, 2018

The rule took, but it's not working. I used both URLs specified but it is not being rejected. I can still hit the site. The logs do not show anything is happening. The only thing I can think of is that it is applied to the HTTPS VIP. However, when I try to change the rule to HTTPS I get an error.

 

[undefined procedure: HTTPS::host][HTTPS::host] /Common/url_reject_https:2: error: [undefined procedure: HTTPS::path][HTTPS::path]

 

Any ideas?