packet filter based on URL

Question

HI ALL ,&nbsp;
&nbsp;i have a web site published over the internet (ie  www.mysite.com)and i want to prevent access to some suburl (ie. www.mysite.com/admin)for this website to be accessed from outside how could i acheve this using eaither packet filtering or irule .&nbsp;
&nbsp;thank you . &nbsp;

chris_miller · Answer

Here's an iRule to accomplish it.

when HTTP_REQUEST {
   if { [HTTP::host] eq "www.mysite.com" and [HTTP::uri] starts_with "/admin" and ![class match [IP::client_addr] eq inside_addresses] } {
     discard }}

This requires that you create an address-type "datagroup" containing the IPs you want to allow. Let me know if you have any issues.

mbamusa_59409 · Answer

hi chris &nbsp;
&nbsp; thank you for your kind replay  &nbsp;&nbsp;
&nbsp; let's assume that 192.168.1.0/24 is the subnet which i want them to access the link and discard evrey thing else who we could write this ? &nbsp;
&nbsp;and what if the link is not like www.mysite.com/admin and it's like www.admin.mysite.com ?&nbsp;
&nbsp; regards

chris_miller · Answer

This should work.

when HTTP_REQUEST {
   if { [HTTP::host] eq "www.admin.mysite.com" and ![IP::addr [IP::client_addr]/24 eq 192.168.1.0] } {
     discard }}

Let me know if it doesn't.

Forum Discussion

packet filter based on URL

3 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

In Using the AST tool am I pointing it to TENANTS or to the F5OS(hardware) I have?

2026 is Almost Here

can you help with getting a BigIP virtual edition serial key

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

Related Content

Decrypting BIG-IP Packet Captures Automatically

Decrypting BIG-IP Packet Captures without iRules

UDP TCP Packet Duplication

Automating Packet Captures on BIG-IP

Filtering traffic based on client ip address and URL

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS