Forum Discussion

Gill_32697's avatar
Gill_32697
Icon for Nimbostratus rankNimbostratus
Nov 25, 2013

irule to permit url by external host,

Need to write an irule that will permit two public IP's to specific uri, but still allow all other access to site. For example... Public facing access to VIP" 10.1.1.100 (https://mysite.com) But if you are public wanting to go to https://mysite.com/books and your comming from 55.66.77.88 or 66.77.88.99 then its ok. Otherwise you go to https://mysite.com

 

application delivery
devops
iRules

11 Replies

Show More
  • Kevin_Stewart's avatar
    Kevin_Stewart
    Icon for Employee rankEmployee
    Nov 27, 2013

    Doh. What I get for typing on an iPad. Please try this:

    when HTTP_REQUEST {     
    if { ( [string tolower [HTTP::uri]] starts_with "/books" ) } {
        if { not ( [IP::addr [IP::client_addr] equals "55.66.77.88"] ) or not ( [IP::addr [IP::client_addr] equals "66.77.88.99"] ) or not ( [IP::addr [IP::client_addr] equals "77.88.99.10"] ) } { 
            HTTP::redirect "https://[HTTP::host]/" 
        }
    }
}

    I was still missing a closing parentheses.

    Also FYI, this ltm is located on a DMZ, the client IP are external from the Internet..would it even show up?

    This is a good question. Are you evaluating IP addresses that would show up at the F5?

    I would also add, that if you're going to be evaluating more than 3 source addresses, tiny could ninja's data group idea would probably be easier to maintain, at least with just an address data group.