For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Danny_Trinh_197's avatar
Danny_Trinh_197
Icon for Nimbostratus rankNimbostratus
Feb 03, 2009

script for port 443 and 50000-59999

Hello forum,   I have an iRule as below:   when CLIENT_ACCEPTED {   if { [TCP::client_port] < 50000 or [TCP::client_port] > 59999}{   drop   }   } ...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Feb 03, 2009
I think you want to check TCP::local_port not TCP::client_port. TCP::client_port is the source port.

You can check for the ports you want to allow using this:

([TCP::local_port] >= 50000 && [TCP::local_port] <= 59999) || [TCP::local_port] == 443)

And you can logically NOT that to drop everything else: 

 
 when CLIENT_ACCEPTED { 
  
     Check requested port 
    if { ! (([TCP::local_port] >= 50000 && [TCP::local_port] <= 59999) || [TCP::local_port] == 443)}{ 
  
        Request was to an disallowed port, so drop it 
       drop 
    } 
 }

Aaron