For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

veredgf's avatar
veredgf
Icon for Nimbostratus rankNimbostratus
Feb 04, 2020

limit IP access to certain URIs

Hi,

 

I am looking for help creating an IRULE for the following conditions:

 

  1. Allow access to two URIs within the policy to a specific group of IPs.
  2. Disallow access to these URIs to all other IPs.

 

I tried creating a traffic policy for this but was unsuccessful.

 

Thanks

 

Vered

access
ASM Advanced WAF
ip
iRules
limit
security
uri

1 Reply

  • Dmitry's avatar
    Dmitry
    Icon for Altocumulus rankAltocumulus
    Feb 04, 2020

    it will be look like there:

    when HTTP_REQUEST {
	if { [ class match [ string tolower [HTTP::uri] ] starts_with dg_uri ] and not ( [class match IP::client_addr] equals private_net] ) } {  
		HTTP::respond 302 noserver Location "http://[HTTP::host]/errorpage.html"
	}
}

    dg_uri is data group list with your URIs (type string)

    private_net is data group list with your IPs/subnets (type address)