Forum Discussion
wlopez_98779
Dec 04, 2018Nimbostratus
You could do something like this:
when HTTP_REQUEST {
if { ( [string tolower [HTTP::path]] starts_with "/temp/servlet.do" ) && ( not ([class match [IP::client_addr] equals IPDataGroup]) ) } {
HTTP::redirect "http://test.com/temp/error.aspx"
}
}
Just make sure you include the IP addresses or subnets in data group 'IPDataGroup' for which you want to grant access to.
You could also replace the redirect with other actions like 'reject' or 'drop'.
- DevF5_378450Dec 05, 2018Nimbostratus
Yes, we have IP addresses in 'IPDataGroup'.
ltm data-group internal IPDataGroup {
records { 1.1.1.0/24 { } 2.2.2.0/24 { } 3.3.3.0/24 { } 4.4.4.4 { } 5.5.5.5 { } } type ip
}
- wlopez_98779Dec 06, 2018Nimbostratus
If that's the case, just go ahead and try it.
I've done similar configurations before without any issues.
You may also want to do some tcpdumps to validate which IP addresses are actually hitting the virtual server where you apply the iRule on.