Forum Discussion

mlamutt_62697's avatar
Icon for Nimbostratus rankNimbostratus
Feb 03, 2010

Redirect HTTP to HTTPS with IP exclusions

I am writing an iRule to allow HTTP access for a select set of IPs while forcing all other traffic to https. This is what I have come up with, but it is not working. Apologies in advance, as this is my first attempt at creating a new rule.





if { not ([IP::addr [IP::client_addr]] equals or


not ([IP::addr [IP::client_addr]] equals


} {


HTTP::redirect https://[HTTP::host][HTTP::uri]








The error I am getting is:



01070151:3: Rule [HTTPRedirectWSODExluded] error: line 2: [parse error: PARSE syntax 73 {syntax error in expression " not ([IP::addr [IP::client_addr]] equals or ...": looking for close parenthesis}] [{ not ([IP::addr [IP::client_addr]] equals or not ([IP::addr [IP::client_addr]] equals }]



Any help would be appreciated.

2 Replies

  • The syntax error is in the IP::addr closing braces and the unescaped new line between the IP::addr commands. Also, you can check the client IP in CLIENT_ACCEPTED and redirect in HTTP_REQUEST to save checking the client IP on every request:

       when CLIENT_ACCEPTED {   
           Check if the client IP is in the two internal ranges   
          if { [IP::addr [IP::client_addr] equals] or \   
             [IP::addr [IP::client_addr] equals]} {   
              Dont redirect the client   
             set redirect 0   
          } else {   
             set redirect 1   
       when HTTP_REQUEST {   
          if {$redirect}{   
             HTTP::redirect "https://[HTTP::host][HTTP::uri]"