Forum Discussion

Torti's avatar
Torti
Icon for Cirrus rankCirrus
Feb 18, 2014

LTM v11.5.0 - IP::addr mask not allowed anymore

Hi,

I test a little bit with 11.5.0. If I try: 

    when CLIENT_ACCEPTED {
        if { [IP::addr [IP::remote_addr] equals 10.10.10.0 mask 255.255.255.0] } {
             allowed

        } else {
            discard
            log local0. "connection discarded from [IP::client_addr]"
        }
    }

I get the following tcl error:

error: /Common/iRuler_Parse_Test_Rule:2: error: [wrong args][IP::addr [IP::remote_addr] equals 10.10.10.0 mask 255.255.255.0]

With [IP::addr [IP::remote_addr] equals 10.10.10.0/24] everthing is working fine.

Is the mask parameter not allowed anymore?

application delivery
BIG-IP Access Policy Manager (APM)
devops
iRules
LTM
security

2 Replies

  • JoshBecigneul's avatar
    JoshBecigneul
    Icon for MVP rankMVP
    Feb 18, 2014

    I had a quick read through https://devcentral.f5.com/wiki/irules.ip__addr.ashx and I can't see an example that is just like yours. The closest one looks like this, with the right side of the equals wrapped in quotes.

    [IP::addr 10.42.2.2 equals "10.42.2.0 mask 255.255.255.0"]: 1

    Try it that way and see if there is any difference... Unless the old examples have been deleted, your way may never have been officially supported.