Forum Discussion

Altostratus

Apr 10, 2021

restrict access to a vs by a datagroup but temp allow exceptions and log

So i basically have the concept of the what i want to do programatically but need some assistance turning it into a irule. I have virtual server that has open access and I want to change it to ...

Nacreous

Apr 10, 2021

value is optional to add description. you can keep it blank. Reject can be commented out until IP address list is confirmed to allow all traffic

when CLIENT_ACCEPTED {
 if { ![class match [IP::client_addr] eq "datagroup_allowed_ip" ] }{
  log local0. "Dropped connection: client IP [IP::client_addr] is not in datagroup."
  #reject
  }
 }

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

restrict access to a vs by a datagroup but temp allow exceptions and log

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

Office 365 Tenant Restrictions

CSV to Address External Datagroup File

SSL Orchestrator Advanced Use Cases: Enabling GCloud Organization Restrictions

F5 iRule Geolocation restriction

iControl 101 - #05 - Exceptions

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS