Forum Discussion

Cirrus

Sep 20, 2018

iRule to only allow private networks....

Hi, I have an iRule in place that is supposed to be rejecting all external network traffic coming into an LTM virtual server for a few select administrative pages. Someone on DevCentral had done som...

Nimbostratus

Sep 20, 2018

Maybe this clients are behind NAT? you can check it by adding log to the iRule:

when HTTP_REQUEST {
  switch -glob [string tolower [HTTP::uri]] {
    "*/wp-admin/*" -
    "*/wp-login.php" -
    "*/phpmyadmin/*" -
    "*/wp-config.php" {
      if { !([class match [IP::client_addr] equals private_net])} {
      log local0. "rejected client ip [IP::client_addr]" <-- new added line
         reject
      }
    }
  }
}

and check which IP do you see in /var/log/ltm

good luck!

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

iRule to only allow private networks....

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

no upload file .docx

F5 LACP

F5 BGP Peering in Active /Standby Cluster

AS3 Storage

Automate F5OS license activation using ansible

Related Content

Using F5 Distributed Cloud Network Connect to transit, route, & secure private cloud environments

What is Multi-Cloud Networking?

Demo Guide & Video Series for F5 Distributed Cloud Network Connect (Multi-Cloud Networking)

F5 Cloud Failover Extension (CFE), private endpoints, and custom DNS

Using F5 Distributed Cloud private connectivity orchestration for secure multi-cloud infrastructure

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS