irule with source IP

Question

Hi I new in F5,  I need help to configure an IP irule with Origin, it is routed to a particular node with its respective port.&nbsp;
Thank for the help.&nbsp;

kevin_stewart · Answer

Are you referring to a NAT or a virtual server implementation?&nbsp;

johann_araujo · Answer

I mean A Virtual Server implementation. I need depending on what source IP Determined send a node without. thanks&nbsp;

hoolio · Answer

Here's an example iRule:&nbsp;
https://devcentral.f5.com/wiki/iRules.AccessControlBasedOnNetworkOrHost.ashx&nbsp;
Or you could look at AFM for a fully featured firewall approach:&nbsp;
http://www.f5.com/products/big-ip/big-ip-advanced-firewall-manager/overview/&nbsp;
Aaron&nbsp;

kevin_stewart · Answer

A very basic implementation might look something like this:

Define an address-based data group. Example (my_ip_datagroup):
10.10.10.10 := 192.168.42.10 80
10.10.10.11 := 192.168.42.11 80
10.10.10.12 := 192.168.42.12 80
...

Create an iRule:
when CLIENT_ACCEPTED {
    if { [class match [IP::client_addr] equals my_ip_datagroup] } {
        node [class match -value [IP::client_addr] equals my_ip_datagroup]
    }
}

Forum Discussion

irule with source IP

4 Replies

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

irule execution error

F5 AWAF/ASM learning only from Trusted traffic?

OWA File Upload URIs for WAF Bypass

Curl 7.10.5 < 8.12.0 Integer Overflow (CVE-2025-0725)

Show or List F5 XC Routes in the Web

Related Content

Phishing, Malware, Breach and Open-Source Security

The Power of Source Address

iRule to Force Source IP to Specific Backend Node

iControl Library For Java With Source

iRules Style Guide

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS