Forum Discussion
IRULE to restrict a specific url after initiated first session
Hi Mohamed Kansoh
Thanks for your reply.
Actually, I don't want to restrict any static identifier. I don't know how to do it, but the requirement is, when first Client A, is already served with the URL. Then any other device shouldn't get access with that same URL. Note that, the URL is not static either, it generates some random numbers such as "xxx.com/api/info/ms1672635"
- Aug 27, 2023
Hi Saidur900 ,
no worries about changing in URI as you can use "starts_with" or "contains" operators if your uri not static.
So now your requirement is ,
you need only one connection in bigip to access this URI and anyother connection requests this uri should be dropped regardless Client A or B , you only need this URI to be accessed onetime for only exclusive connection through bigip , and if this connection fininshed or timeout , it's allowed for any client to access it.
So one connection to this URL at a time ?- Saidur900Aug 27, 2023Nimbostratus
Hi Kanosh
Yes, single connection to this url at a time. This url contains sensitive information, so need a solution. I dont understand where to start.
- Aug 27, 2023
Hi Saidur900 ,
I believe that you can do that using " Table " irule with setting a connection limit to 1 connection.
and put the condition to be the url instead of client Ip address.
use this Article as a starting point : https://community.f5.com/t5/technical-forum/connection-limit-for-a-uri-path/td-p/223207>>>>>>
so briefly >> I think your requirement will be met by settingtwo conditions ( connection limit equal 1 and uri contains "/api/info/" )
Of course it will need much testing , I don't have your deployment to test it and it may take much time.
I will mention Mr. JRahm he may give us clues as he is very experienced with irules specially complex ones.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com