For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

W__Tout_99150's avatar
W__Tout_99150
Icon for Nimbostratus rankNimbostratus
Oct 17, 2006

Restricting traffic to a range of source IPs

We need to restrict incomming traffic to a range of source IPs. Traffic not from the allowed range is to be rejected. The problem is not in the rejection but rather in what happens to connections that...
application delivery
dev
devops
iRules
Joe_Pruitt's avatar
Joe_Pruitt
Oct 17, 2006
You can use the HTTP::respond to return custom content to the client for HTTP connections.

 

 

when HTTP_REQUEST {
  if { ... } {
    pool mt1_pool
  } else {
    HTTP::respond 200 content "Not AllowedYou are not allowed to access this site!"
  }
}

 

 

Feel free to change the HTML content (or the HTTP response code) in the response to whatever you wish.

 

 

Tip of the day: The HTTP::respond method is a great way to debug your iRules as well. Add a secret uri to your rule and if that is found, return back any content you want. I'm personally working on some Statistics profile work and this is a great way to build a reporting page.

 

 

-Joe