Forum Discussion

Ron_126046's avatar
Ron_126046
Icon for Nimbostratus rankNimbostratus
Feb 24, 2014

Permit specif IPs to pools, all others see simple maintenance page REPOST as requested

I have an irule set up to redirect to specific pools depending on uri. Now maintenance is being done and only specific ips need to be allowed to sites, all other get a simple web page that the site is down.

 

when HTTP_REQUEST { switch -glob [string tolower [HTTP::uri]] { "/jumper" { pool jumper_JMPRIIS_Https_Pool log local0. "redirect irule pool jumper_JMPRIIS_Https_Pool" } "/" - "/annie" - "/bugg" - "/charles" - "/dog" - "/fashion" { pool fashion_FHSIIS_Https_Pool log local0. "redirect irule pool fashion_FHSIIS_Https_Pool" } default { pool skijump_SKJWEB_Https_Pool log local0. "redirect irule pool skijump_SKJWEB_Https_Pool" } } }

 

I've set up a datagroup list with the ips in it. I need assitance allowing the ip group to the site, while sending all other to the simple website down page.

 

application delivery
devops
iRules

2 Replies

  • Eric_St__John's avatar
    Eric_St__John
    Icon for Employee rankEmployee
    Feb 24, 2014

    What you are doing in your current iRule would not be considered a "redirect", but URI switching. The following iRule would match an IP address against the data group "data_group_name", and if it matches it will go through the rest of your logic. If it does not match an IP in the data group "data_group_name", it will redirect to http://maintenance.domain.com If you are looking to perform a pool selection based on the IP address rather than redirect, you can change the else action.

    when HTTP_REQUEST {
  if { [class match [IP::client_addr] equals data_group_name] } {
    switch -glob [string tolower [HTTP::uri]] { 
      "/jumper" { 
        pool jumper_JMPRIIS_Https_Pool
        log local0. "redirect irule pool jumper_JMPRIIS_Https_Pool"
      } 
      "/" -
      "/annie" -
      "/bugg" -
      "/charles" -
      "/dog" -
      "/fashion" {
        pool fashion_FHSIIS_Https_Pool
        log local0. "redirect irule pool fashion_FHSIIS_Https_Pool"
      }
      default {
        pool skijump_SKJWEB_Https_Pool
        log local0. "redirect irule pool skijump_SKJWEB_Https_Pool"
      }
    }
  else {
    HTTP::redirect "http://maintenance.domain.com"
  }
  }
}

    Eric

  • John_Alam_45640's avatar
    John_Alam_45640
    Historic F5 Account
    Feb 24, 2014

    This may be what you are asking for, change data_group_name_here to the real name of the datagroup you created:

    when HTTP_REQUEST { 
  if { [class match [IP::client_addr] equals data_group_name_here] } {
      switch -glob [string tolower [HTTP::uri]] { 
        "/jumper" { pool jumper_JMPRIIS_Https_Pool 
                    log local0. "redirect irule pool jumper_JMPRIIS_Https_Pool" }  
         "/" - "/annie" - "/bugg" - "/charles" - "/dog" - "/fashion" {      
                    pool fashion_FHSIIS_Https_Pool 
                    log local0. "redirect irule pool fashion_FHSIIS_Https_Pool" } 
         default { pool skijump_SKJWEB_Https_Pool 
                    log local0. "redirect irule pool skijump_SKJWEB_Https_Pool" }
     }
  } else {
    HTTP::respond 200 content {Maintenance PageSite is down, try again later.}
  }
}