Forum Discussion

Mike_Rausch_628's avatar
Mike_Rausch_628
Icon for Nimbostratus rankNimbostratus
Mar 08, 2007

Only allow users from specific Ip address to gain access

I am trying to use a corporate backup tool and they are telling me that I need to open a range of ports on my server from 600-13800 or something like that. I have created a Virtual Server that allows ...
application delivery
dev
devops
iRules
JRahm's avatar
JRahm
Icon for Admin rankAdmin
Mar 08, 2007
Sorry, had some extra brackets in there around the class. This may be simpler, and tested fine on my 9.1.2 HF5 system just now.


 when CLIENT_ACCEPTED {
  if { ([matchclass [IP::client_addr] equals $::allowed_clients]) and (([TCP::local_port] < 13800) or ([TCP::local_port] > 300))} {
    log local0. "Connection accepted from [IP::client_addr] destined for tcp port [TCP::local_port]"
    forward
  } else {
      log local0. "Connection discarded from [IP::client_addr] destined for tcp port [TCP::local_port]" 
      discard
  }
}

HTH...Jason