Forum Discussion

miguel_alvarez_'s avatar
miguel_alvarez_
Icon for Nimbostratus rankNimbostratus
Dec 21, 2017

Is it posible to put this i-rule, to drop a hostname, instead an IP addr?:

when CLIENT_ACCEPTED { if { [IP::addr [IP::client_addr] equals some_hostname] } { drop } }  
BIG-IP
devops
irule
Stanislas_Piro2's avatar
Stanislas_Piro2
Icon for Cumulonimbus rankCumulonimbus
Dec 22, 2017

I think I understand what you want : you want to block if the client hostname is some_hostname.

the problem is the client never send it's hostname, so the only solution is a reverse DNS lookup for every request...

such filter is not security and will cause performance issue.

your irule won't be able to do it.

the following one can do (not optimized solution)

when CLIENT_ACCEPTED {
    if { [RESOLV::lookup @8.8.8.8 -ptr [IP::client_addr]] equals some_hostname } {
        drop
    }
}