Forum Discussion
R_Marc
Aug 15, 2016 Nimbostratus
drop should do what you need. I personally would do a class match against a data-group for this. Since a data-group is a structured list, there is less risk in adding/removing than in updating the iRule itself.
Not sure why you'd wait until after the SSL handshake though; if you know the IP is bad, just drop it in CLIENT_ACCEPTED, though you can do it in most other events, I believe. That being said, this is probably better handled at a firewall.
    ltm data-group internal drop-list {
        records {
            10.125.0.3/32 {}
        }
        type ip
    }
    ltm rule drop-list-rule {
        when CLIENT_ACCEPTED {
            # Drop the connection if the client IP matches the drop-list data-group
            if { [class match [IP::client_addr] equals drop-list] } {
                drop
            }
        }
    }
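Because the drop list is edited far more often than the iRule, a pre-deployment check on the data-group is worth having. The following is an added example, not part of the original post: it parses a stanza in the layout shown above, rejects malformed or overly broad records, and models the match as CIDR containment. The sample records, the protected address `10.0.0.10` and the `/8` threshold are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample in the post's tmsh layout; the /0 record and the
# malformed record are deliberate mistakes for the check to catch.
SAMPLE = """
ltm data-group internal drop-list {
    records {
        10.125.0.3/32 { }
        192.0.2.0/24 { }
        0.0.0.0/0 { }
        10.1.2.300/32 { }
    }
    type ip
}
"""

# A record line is a single key followed by an empty brace pair.
RECORD_RE = re.compile(r"\s*(\S+)\s*\{\s*\}\s*")

def parse_records(stanza):
    """Return the record keys found in a data-group stanza, in order."""
    return [m.group(1) for line in stanza.splitlines()
            if (m := RECORD_RE.fullmatch(line))]

def would_drop(networks, client_addr):
    """True if client_addr falls inside any listed network."""
    addr = ipaddress.ip_address(client_addr)
    return any(addr.version == n.version and addr in n for n in networks)

def lint(stanza, must_not_drop, min_prefix=8):
    """Return (networks, problems); min_prefix is an assumed policy limit."""
    networks, problems = [], []
    for key in parse_records(stanza):
        try:
            net = ipaddress.ip_network(key, strict=True)
        except ValueError as exc:
            problems.append(f"{key}: not a valid network ({exc})")
            continue
        if net.prefixlen < min_prefix:
            problems.append(f"{key}: broader than /{min_prefix}")
        networks.append(net)
    for addr in must_not_drop:  # e.g. monitors, admin hosts (assumed)
        if would_drop(networks, addr):
            problems.append(f"{addr}: protected address would be dropped")
    return networks, problems

if __name__ == "__main__":
    for problem in lint(SAMPLE, ["10.0.0.10"])[1]:
        print(problem)
```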