Stephane_87808
Mar 12, 2012Nimbostratus
Restriction on IP source AND uri dest
Hello
I need to limit the access to some specific uri containing /wps/wcm/.*connect/iww_. to 10.0.0.0/8 ip range : except this specif web pages on Pool_WCM_Rendering_HTTP, all the website has to be accessible by anybody whatever his source ip.
for the time being, I'am using the following irule :
when HTTP_REQUEST {
if {[HTTP::host] equals "wcm.bureauveritas.com"} {
pool Pool_WCM_Authoring_HTTP
} else {
pool Pool_WCM_Rendering_HTTP
}
}
and I try now to implement something like :
when HTTP_REQUEST {
if {[HTTP::host] equals "wcm.bureauveritas.com"} {
pool Pool_WCM_Authoring_HTTP
} elseif { not [IP::addr [IP::client_addr] 10.0.0.0/8 ] AND [HTTP::uri] contains "/wps/wcm/.*connect/iww_.*" } {
reject
}
else {
pool Pool_WCM_Rendering_HTTP
}
}
but the syntax is not correct : could you help me finding the correct syntaxt ? Is the best approach to filter as requested ?
Thanks
Stephane Creuze