Forum Discussion
NimbostratusSimple iRule is not working as expected
Hello. I am very, very new to iRules. This is the rule that we are trying to use to block an IP address. The Events Request Log indicates that we are not actually blocking this IP address, so perhaps the code is incorrect. I am thankful for any advice.
when CLIENT_ACCEPTED { if { [IP::addr [IP::client_addr] equals 70.39.176.44/24] } { log local0. "Blocking [IP::client_addr]" reject } }
5 Replies
- Kevin_Stewart
Employee
Reformatted:
when CLIENT_ACCEPTED { if { [IP::addr [IP::client_addr] equals 70.39.176.44/24] } { log local0. "Blocking [IP::client_addr]" reject } }This should certainly block any request from client IP 70.39.176.44. By "Events Request Log", are you referring to the LTM log that this iRule would be logging to? As in you're not seeing this log statement?
Dianna_129659Hi Kevin. Thank you for responding. No, I am not viewing log files. I am watching the actual request as they come through the F5 tool under Events >> Request >> Log.
- Dianna_129659Oh, my. I just found the answer to my own question! That IP Address is actually in the IP Address Exceptions - never block this IP address. So sorry! Many thanks for assuring me that my iRule was working. I will keep learning.
If you are trying to blocking everything from a /24 network I would think the format of the IP should be 70.39.176.0/24.
- Dianna_129659Good point! Thank you.
