Forum Discussion
toshi_01_132399
Aug 30, 2013Nimbostratus
mysql ip access control
I would like to do the ip access control by using a irule.
However, I failed in the following way.
pool-allowhost-01 have kept some mysql.
when CLIENT_ACCEPTED {
if { [IP::addr [IP::remote_a...
nitass
Employee
i think the original irule below is okay.
when CLIENT_ACCEPTED {
if { [IP::addr [IP::remote_addr] equals 192.168.1.0/24] } {
pool pool-allowhost-01
} else {
reject
}
}
may you add log command to the irule something like what kevin suggested? also, i think it would be helpful if you can run tcpdump on bigip.
e.g.
tcpdump -nni 0.0:nnn -s0 -w /var/tmp/output.pcap host 192.168.1.30 or host 192.168.1.50 or host 192.168.1.51 or host 192.168.1.52
and can you post the virtual server, pool and snatpool configuration here?
tmsh list ltm virtual (virtual server name)
tmsh list ltm pool (pool name)
tmsh list ltm snatpool (snatpool name)
just my 2 cents.
toshi_01_132399
Sep 01, 2013Nimbostratus
Thank you. I will try to challenge on the basis by information of everyone
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects