Forum Discussion

veredgf's avatar
veredgf
Icon for Nimbostratus rankNimbostratus
Feb 04, 2020

limit IP access to certain URIs

Hi,

 

I am looking for help creating an IRULE for the following conditions:

 

  1. Allow access to two URIs within the policy to a specific group of IPs.
  2. Disallow access to these URIs to all other IPs.

 

I tried creating a traffic policy for this but was unsuccessful.

 

Thanks

 

Vered

access
ASM Advanced WAF
ip
iRules
limit
security
uri
  • Dmitry's avatar
    Dmitry
    Icon for Altocumulus rankAltocumulus
    Feb 04, 2020

    it will be look like there:

    when HTTP_REQUEST {
	if { [ class match [ string tolower [HTTP::uri] ] starts_with dg_uri ] and not ( [class match IP::client_addr] equals private_net] ) } {  
		HTTP::respond 302 noserver Location "http://[HTTP::host]/errorpage.html"
	}
}

    dg_uri is data group list with your URIs (type string)

    private_net is data group list with your IPs/subnets (type address)