Forum Discussion

Nimbostratus

May 21, 2010

iRule using URI classes to restrict access

(version 9.4.7) I have been restricting access to certain pools via the following iRule statement: if { [matchclass [IP::client_addr] equals $::TrustedIPs] and [matchclass [HTTP::path] starts_wit...

Nimbostratus

May 24, 2010

Posted By Michael Yates on 05/21/2010 03:04 PM

The [HTTP::path] starts at the first "/" so you will either have to account for it in your matchclass or add to your iRule to look for it and remove it.

HTTP::uri [string map {"//" "/"} [HTTP::uri]]

Wiki Entry for [HTTP::path] - http://devcentral.f5.com/wiki/default.aspx/iRules/http__path.html

Awesome, thanks, I'll test that later.

Is there any major advantage to performing the string map replace on the HTTP::uri vs the HTTP:path? We use extensive URIs and probably don't need to evaluate all the params in them.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

iRule using URI classes to restrict access

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

Irule for restricting access

Office 365 Tenant Restrictions

Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header

Restricting direct access from public IP

Restrict Access to Exchange Administrative Center - Enhanced

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS