Forum Discussion
Nimbostratusirule to redirect to to cloud WAF
We have below requirement and our url is hosted on cloud for WAF and waf access VIP on F5 using which url is not known
and we have to stop access of www.abc.prod.co.in from intenet and we want whenever user try to access abc.co.in it sould redirect to www.abc.co.in and except when cloud waf policy server access it. we have created below irule, kindly check and confirm will below irule work or not.
1. Redirect all traffic from abc.co.in/* to www.abc.co.in/*
2. traffic : FROM a list of known IPs to www.abc.prod.co.in should be sent to the existing pool
3. Other traffic should be rejected
when HTTP_REQUEST
{
if { ([class match [IP::client_addr] equals "datagroup_abc" ]) } then
{
pool Pool_Name Pool_abc
}
elseif { ([string tolower [HTTP::host]] eq "abc.co.in") ||
([string tolower [HTTP::host]] eq "www.abc.prod.co.uk") ||
([HTTP::host] eq "192.168.168.10") } then
{
HTTP::respond 301 Location "[http://www.abc.co.in[HTTP::path]"
}
else {
reject
}
}
cjuniorNacreous
Hi,
I would just change [HTTP :: path] to [HTTP :: uri] to not lose querystring values when there and discard connections instead of reject.
Anyway, an LTM policy works fine in this case and I may prefer to use it.
Finally, my iRule code should be:
when HTTP_REQUEST { set host [string tolower [getfield [HTTP::host] : 1]] if { [class match [IP::client_addr] equals datagroup_abc] } { pool Pool_abc } elseif { $host eq "abc.co.in" || $host eq "www.abc.prod.co.uk" || $host eq "192.168.168.10" } { HTTP::respond 301 -version auto noserver Location "http://www.abc.co.in[HTTP::uri]" Connection Close } else { discard } unset host }Regards.