simple redirect irule based off ip
Hi All
I am very new to irules as we just got our first big-ip this week and have a rookie question for you.
I'm trying to redirect a sub-section of a site that I have got working with
when HTTP_REQUEST {
if { [string tolower [HTTP::uri]] starts_with "/restricted1" } {
HTTP::redirect "https://demo.com/not-allowed"
}
}
I have a requirement that if the matches say 10.2.2.0/24 then allow the connection still.
when HTTP_REQUEST {
if {[IP::addr 10.2.2.0/24 equals [IP::client_addr]]}
{ HTTP::redirect [HTTP::uri] }
else
{ HTTP::redirect HTTP::redirect "https://demo.com/not-allowed" }
}
I can't seem to get it working without affecting the whole site as I'm just after redirecting the /restricted part, Any pointers or if I'm doing this the wrong way?
Peace
Hello, how many networks do you need to match?
For allowing multiple client networks you'll need a data group.
See this example below - note that "getfield" returns a string so I'm changing the format to IP address using IP::addr .
when HTTP_REQUEST { if {[string tolower [HTTP::uri]] starts_with "/restricted1" }{ if { [IP::addr [getfield [IP::client_addr] "%" 1] equals "10.2.2.0/24"]}{ #this is a sample with a static client network return } elseif { [class match [getfield [IP::client_addr] "%" 1] equals datagroup_allowed_networks] } { #when you have multiple subnet to match, then it is recommended to use data-group created as Address (IP) type. return } else { HTTP::redirect "https://demo.com/not-allowed" } }