Forum Discussion
tran_93981
Nimbostratus
Nimbostratusredirect if hosts are on the external segment
I am trying to write the iRules to achieve these:
* If users are on the trusted network segment, they can view and edit the page http://www.mycompany.com/ and any URI after www.mycompany.com
* If use...
tran_93981Nimbostratus
NimbostratusI want to do:
- if a user is on the trusted network segment, the user can access www.company.com and any URI after that
- if a user is on the untrusted network segment, the user can access www.company.com
- if a user is on the untrusted network segment and the user is trying to access to www.company.com/user then he will be redirected to www.company.com
- if a user is on the untrusted network segment and the user is trying to access to www.company.com/xyz/user, the user will be redirected to www.company.com/xyz
After reading Nitass's answer and looking up more on devcentral, I have the iRule code to achieve those and it seems to work:
when HTTP_REQUEST {
if the request is from the trusted network segments
if {[IP::addr [IP::client_addr] equals 10.10.10.3/32] or [IP::addr [IP::client_addr] equals 10.55.88.0/24]} {
log local0. "First IF"
pool seattle-only
return
}
if the request is from untrusted network segment
switch -glob [string tolower [HTTP::path]] {
"/user" {
log local0. "1st SWITCH PATH:[HTTP::path] URI:[HTTP::uri]"
HTTP::redirect "http://[HTTP::host]"
}
"/*/user" {
set new_uri [getfield [HTTP::uri] "/" 2]
log local0. "WILD CARD SWITCH PATH:[HTTP::path] URI:[HTTP::uri] NEW_URI: $new_uri"
HTTP::redirect "http://[HTTP::host]/$new_uri"
}
default {
log local0. "DEFAULT: PATH:[HTTP::path] URI:[HTTP::uri]"
pool seattle-only
}
}}
Thanks,
What_Lies_Bene1Cirrostratus
OK, brilliant, job done! Cheers
