Forum Discussion
CirrusNeed to restrict an iRule from passing external traffic, only internal.
We have a situation where we are using an iRule that when there are requests to a subfolder on a site, it redirects to a subfolder. Here is the iRule we are using.
if { [HTTP::uri] starts_with "/subfolder" } { the node command directs the request to the server whether or not it is behind the BigIP. Make sure the BigIP has a route to that server. node 10.10.3.111 }
So this rule, if a request comes through like ";, it gets re-routed to the node 10.10.3.111. It works just fine. EXCEPT one problem.
Turns out the site should not be open to the internet, only to internal servers. I need to add a conditional statement that only allows internal traffic to pass. All internal servers are in a 10.X.X.X subnet. Any suggestions on how to accomplish this in the iRule?
1 Reply
Maybe something like this:
when HTTP_REQUEST { if { [HTTP::uri] starts_with "/subfolder" && [IP::addr [IP::client_addr] equals 10.0.0.0/8] } { the node command directs the request to the server whether or not it is behind the BigIP. Make sure the BigIP has a route to that server. node 10.10.3.111 } }
