Forum Discussion

Nimbostratus

Jun 04, 2014

redirect if hosts are on the external segment

I am trying to write the iRules to achieve these: * If users are on the trusted network segment, they can view and edit the page http://www.mycompany.com/ and any URI after www.mycompany.com * If use...

application delivery

BIG-IP Access Policy Manager (APM)

Employee

Jun 05, 2014

e.g.

 config

[root@ve11a:Active:In Sync] config  tmsh list ltm rule qux
ltm rule qux {
    when HTTP_REQUEST {
  if { [IP::addr [IP::client_addr] equals 10.10.10.5/32] or [IP::addr [IP::client_addr] equals 192.168.100.0/24] } {
     trusted network segment
    pool seattle-only
    return
  }

   un-trusted network segment
  switch -glob [string tolower [HTTP::path]] {
    "/user*" { HTTP::redirect "http://[HTTP::host]" }
    "/department1/user*" { HTTP::redirect "http://[HTTP::host]/department1" }
    "/department2*" { HTTP::redirect "http://[HTTP::host]/department2" }
    default {
      pool seattle-only
    }
  }
}
}

 test

[root@ve11a:Active:In Sync] config  curl -I http://172.28.24.10/user/something -H "Host: www.mycompany.com"
HTTP/1.0 302 Found
Location: http://www.mycompany.com
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

HTTP/1.0 302 Found:In Sync] config  curl -I http://172.28.24.10/department1/user/something -H "Host: www.mycompany.com"
Location: http://www.mycompany.com/department1
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

[root@ve11a:Active:In Sync] config  curl -I http://172.28.24.10/department2/something -H "Host: www.mycompany.com"
HTTP/1.0 302 Found
Location: http://www.mycompany.com/department2
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)