Forum Discussion

jwah24_138500's avatar
jwah24_138500
Icon for Nimbostratus rankNimbostratus
Apr 08, 2014

Multiple Service Ports on a Single VS

Hey guys, I've seen a few articles on this already, but am really new to the F5's and am looking for additional clarification. We looking at load balancing an application that uses the following p...
application delivery
deployment
design
devops
iRules
LTM
  • Cory_50405's avatar
    Cory_50405
    Apr 08, 2014

    You would create 'service-port-range' as a string type data group under Local Traffic -> iRules -> Data Group List. Populate the data group with your port objects.

    Then use the iRule to reference it and reject anything not in the list:

    when CLIENT_ACCEPTED {
 if { ! [class match [TCP::local_port] equals service-port-range] } {
    reject
    }
}
Desai_124243's avatar
Desai_124243
Icon for Nimbostratus rankNimbostratus
Oct 20, 2015

Hi,

 

I wanna allow only 4 TCP/UDP ports from single virtual. Is below IRULE configuration right?

 

rule allowing_tcp_udp_traffic_rl { when CLIENT_ACCEPTED { Check if requested port is allowing only TCP 443, TCP 80, UDP 4500 and UDP 500 if { ( [TCP::client_port] != 443 or [TCP::client_port] != 80 or [UDP::client_port] != 500 or [TCP::client_port] != 4500 ) } { Drop request drop } }

 

}

 

Thanks