Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Nick_Mattern_67's avatar
Nick_Mattern_67
Icon for Nimbostratus rankNimbostratus
16 years ago

Redirect URL based on IP

I've looked at a lot of information on this forum but nothing seems to meet my need exactly and I'm guessing it's something horribly obvious I'm missing.     I want to restrict access to a URL b...
application delivery
dev
devops
irules
James_Quinby_46's avatar
James_Quinby_46
Historic F5 Account
16 years ago
Howdy. This seems to work pretty well, though I have no doubt that if there's a more efficient way to do it, someone will step in and reveal it: 

 
when HTTP_REQUEST {
log local0. "URI requested: [HTTP::uri]"

if { [HTTP::uri] equals "/admin/login.php"} {

log local0. "We have a URI match!"
if {[matchclass [IP::client_addr] equals $::good_networks] }{

log local0. "[IP::client_addr] is good! Access to [HTTP::uri] granted"

} else {

log local0. "[IP::client_addr] is not so good! Redirect issued!"
HTTP::redirect "http://www.google.com"

}
}
}

Comment out the log lines and switch the redirect to something more appropriate. Also, this rule makes use of an external data class, which you can create with the F5 iRule editor. In /config/bigip.conf, mine looks like this:


class good_networks {
   {
       network 10.10.10.0/24
       network 192.168.1.0/24
    }
}