Forum Discussion
restrict access to a vs by a datagroup but temp allow exceptions and log
thanks all i got it working, thanks for the very quick replies.
- guestAug 04, 2022Nimbostratus
Hello Ravager,
I just only want to give permission to specific ips which included into data group. For this, is it enough to write in the irule that Sanjay stated? did you use this?
when CLIENT_ACCEPTED { if { ![class match [IP::client_addr] eq "datagroup_allowed_ip" ] }{ log local0. "Dropped connection: client IP [IP::client_addr] is not in datagroup." #reject } }
@@crodrigue , what kind change we need here to actually reject (block) the traffic? Can you give the exact configuration statement? Is there any opportunity to block and log?
Kind Regards,
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com