Forum Discussion
Tyson_James
Cirrus
CirrusiRule to only allow traffic from US, Canada and private networks....
We have a current iRule that only accepts traffic from the US or private networks ( non-routable ). Shown below :
when CLIENT_ACCEPTED {
if {not ([whereis [IP::client_addr] country] eq "US") and ...
Lee_Sutcliffe
Nacreous
NacreousCanada has a country code of 'CA' (see https://www.iso.org/obp/ui/search ) you could add another 'and' like the one for 'US' It might however be easier to maintain if you create a datagroup with the country codes, much like you've done with the IP addresses
for example:
when CLIENT_ACCEPTED {
if {!([class match [whereis [IP::client_addr] country] equals "country_dg"]) && !([class match [IP::client_addr] equals "private_net"])}{
reject
}
}
