Forum Discussion

Nimbostratus

Feb 08, 2011

Restrict FTP traffic on VIP to IP address or range

We're running BigIP LTM 9.4.7. I have a contractor who requires FTP access to an FTP server on our network. We have created a VIP that only allows...

Nimbostratus

Mar 22, 2011

Hi,

I have big-ip version 10.2 with 2 partitions and I want to filter incoming web requests based on clients' IP addresses. I tried the following irule with datagroup IP lists, with no sucess.

Is the irule below valid for multiple partitions?

Here's the irule:

when CLIENT_ACCEPTED {

Check if client IP is not in the allowed_clients_datagroup

if { not [class match [IP::client_addr] equals allowed_clients_datagroup]}{

Disallowed client IP, send a tcp reset

reject

}

thanks.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Restrict FTP traffic on VIP to IP address or range

Recent Discussions

MAC address of deleted VS IP address still responsive

Different common name ssl acces 403 forbiddent

dynamic signature detection

DNS HM Probe issue

F5 looses the token for the first call

Related Content

Ipv6 address

Managing Kubernetes Traffic With F5 NGINX: A Practical Guide

iRule - Restricting IP addresses for a portion of URI

How do I drop traffic on ASM?

restrict website to only specific ip addresses on same VS

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS