Forum Discussion

Nimbostratus

Mar 21, 2014

Need some assistance not sure if IRULE is best way handle this requirement - If it is need some help with IRULE please.

Requirement wwe have public facing site and internal employees get special rates on loans. Requirement is to retricy specific URL paths by internal source IP address and the public can access everthi...

Henrik_Gyllkran

Nimbostratus

Mar 21, 2014

I would solve this by creating two data groups. One with the IP addresses - let's call that data group internal_IP for the example below. The other data group would contain the restricted URI:s - so let's call it restricted_URI. And just to avoid some headaches I would enter them into the data group as strictly lower case strings. Then I would create an iRule like this:

when HTTP_REQUEST {
   if { [class match [string tolower [HTTP::uri]] starts_with restricted_URI] }{
      if { ![class match [IP::client_addr] eq internal_IP] }{
         HTTP::respond 404
      }
   }
}

So if anyone requests the restricted URI:s, if the source address isn't one of the approved ones you get a 404 message back. Also note that HTTP::uri returns the part of the URL without the hostname, starting with the first slash, so don't include the hostname in the strings when creating the data group.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)