Forum Discussion
AltostratusPermitting and Denying in a irule
Hello I need help to figure out how to permit an if in a irule, something like this...
when HTTP_REQUEST { if {([HTTP::host] equals "something.com") && ( not [class match [IP::client_addr] equals /Partition/User1])} { log local0. "Permit User1 [HTTP::host]/[HTTP::uri] from [IP::client_addr]"
Command for Permit} elseif {
([HTTP::host] equals "something.com") && ( not [class match [IP::client_addr] equals /Partition/User2])} {
log local0. "Permit User2 [HTTP::host]/[HTTP::uri] from [IP::client_addr]"
} elseif { log local0. "Denying the Rest [HTTP::host]/[HTTP::uri] from [IP::client_addr]" reject } }
Can someone give me a hint?
The right one... when HTTP_REQUEST { if {([HTTP::host] equals "something.com") && ( [class match [IP::client_addr] equals /Partition/User1])} { log local0. "Permit User1 [HTTP::host]/[HTTP::uri] from [IP::client_addr]"
Command for Permit
Command for Permit} elseif { ([HTTP::host] equals "something.com") && ( [class match [IP::client_addr] equals /Partition/User2])} { log local0. "Permit User2 [HTTP::host]/[HTTP::uri] from [IP::client_addr]"} elseif { log local0. "Denying the Rest [HTTP::host]/[HTTP::uri] from [IP::client_addr]" reject } }
G__246_ran___19The right one... when HTTP_REQUEST { if {([HTTP::host] equals "something.com") && ( [class match [IP::client_addr] equals /Partition/User1])} { log local0. "Permit User1 [HTTP::host]/[HTTP::uri] from [IP::client_addr]"
Command for Permit
Command for Permit} elseif { ([HTTP::host] equals "something.com") && ( [class match [IP::client_addr] equals /Partition/User2])} { log local0. "Permit User2 [HTTP::host]/[HTTP::uri] from [IP::client_addr]"} elseif { log local0. "Denying the Rest [HTTP::host]/[HTTP::uri] from [IP::client_addr]" reject } }
- G__246_ran___19
Or Shod it be like this since there is two different responers?
when HTTP_REQUEST { if { ([HTTP::host] equals "my.domain.com") && ([string tolower [HTTP::uri]] contains "/selftest.aspx") && (( not [class match [IP::client_addr] equals /Partition/Selftest_Users])} { log local0. "Deny not KPA_Users [HTTP::host]/[HTTP::uri] from [IP::client_addr]" set Responce_value "forward_notfound" return } elseif { ([HTTP::host] equals "my.domain.com") && ([string tolower [HTTP::uri]] contains "/bolag") && ( not [class match [IP::client_addr] equals /Partition/KPA_web_allowed_networks_Users])} { log local0. "Deny not KPA_Users [HTTP::host]/[HTTP::uri] from [IP::client_addr]" set Responce_value "forward_accessinfo" return } elseif { ([HTTP::host] equals "my.domain.com") && ([string tolower [HTTP::uri]] contains "/pv/ui") && ( not [class match [IP::client_addr] equals /Partition/KPA_Users])} { log local0. "Deny not KPA_Users [HTTP::host]/[HTTP::uri] from [IP::client_addr]" set Responce_value "forward_notfound" return } elseif { ( [class match -value $Responce_value equals forward_notfound] ) } { HTTP::respond 301 Location "https://[HTTP::host]/NotFound.aspx" } elseif { ( [class match -value $Responce_value equals forward_accessinfo] ) } { HTTP::respond 301 Location "https://[HTTP::host]/Accessinfo.aspx" } }