For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

kamiel_48996's avatar
kamiel_48996
Icon for Nimbostratus rankNimbostratus
Nov 11, 2009

limit the possibility of doing POST's

I want to limit the possibility of doing http POSTs to a set of know machines. All public machines must be able to do get's on the same HTTP server.     irules are new to me so some help wi...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Nov 11, 2009
You can add the client or server IP addresses to a datagroup (class) of type 'address' and then use the matchclass command to evaluate the address against the class. The matchclass wiki page has examples:

 

 

http://devcentral.f5.com/wiki/default.aspx/iRules/matchclass

 

 

To log from an iRule you can use the log command:

 

 

http://devcentral.f5.com/wiki/default.aspx/iRules/log

 

 

To reject a connection, you can use reject:

 

 

http://devcentral.f5.com/wiki/default.aspx/iRules/reject

 

 

Aaron