Port Forwarding - Need Help

Question

Hi, 
&nbsp;  
&nbsp; I am new to the iRules , i need to write an iRule that will apply to a VS and will accept only TCP connection from a specific range of destination TCP ports . 
&nbsp;  
&nbsp; Can someone suggest such an iRule ? 
&nbsp;  
&nbsp; Thanks

nicolas_menant · Answer

You should have checked the wiki it would have give you what you need 
  
 Click here 
 Click here

when CLIENT_ACCEPTED { 
   if { not([IP::addr [IP::client_addr]/16 equals "10.10.0.0"]) } { 
      reject 
  } 
 }

hoolio · Answer

If you're trying to allow access to specific ports on an any port VIP, you could check the TCP::local_port value (Click here) to make a decision:

This event is triggered when a TCP connection is established between the client and the VIP 
 when CLIENT_ACCEPTED { 
  
     Check if the port is between 1001 and 1999 
    if {not ([TCP::local_port] &gt; 1000 and [TCP::local_port] &lt; 2000)}{ 
  
        Log a debug message that we're resetting the TCP connection. 
       log local0. "[IP::client_addr]:[TCP::client_port]: Request to illegal port: [IP::local_addr]:[TCP::local_port]" 
  
        Send TCP reset 
       reject 
    } 
 }

Aaron

Forum Discussion

Port Forwarding - Need Help

Recent Discussions

UCS backup not loading Big IP DNS pool

Http / https health monitor issue

F5 DNS Generic Host

I used the wrong email account when take Application Delivery Exam (101)

F5 migration

Related Content

Policy to forward to a range of ports

SMTP Traffic Forward to M365 on Port 587

Forward traffic based on TCP Port - LTM Policy

Bidirectional Forwarding Detection (BFD) Protocol Cheat Sheet

Response port masking

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS