Sabir_Alvi
Mar 08, 2018

Single iRule for multiple customers to whitelist blacklist via data group

We have been using a separate whitelist/blacklist for each customer so far, since we used a separate VIP for each customer. But we are now planning to move to a single VIP configuration to handle traffic for all customers, for which we have an iRule in our test lab that works fine for our requirement.

However, we would also like to have one common iRule for whitelist/blacklist that can handle traffic via a data group, to avoid editing the iRule for every new customer addition. Please suggest syntax for the same.

when HTTP_REQUEST {
    if { ([matchclass [string tolower [HTTP::host][HTTP::uri]] contains "Customer1_Blacklist_URLs"]) and ([matchclass [IP::remote_addr] equals "Customer1_Blacklist_IPs"]) } { HTTP::respond 403 }
}

when HTTP_REQUEST {
    if { ([matchclass [string tolower [HTTP::host][HTTP::uri]] contains "Customer2_Blacklist_URLs"]) and ([matchclass [IP::remote_addr] equals "Customer2_Blacklist_IPs"]) } { HTTP::respond 403 }
}
  • I recommend configuring only one data group, with the customer name in the value.

    Then, in the class match command, add the -value parameter to return the value instead of 0/1.

    Finally, check if the value equals (or contains) the customer name!
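
One way to write the single-data-group approach suggested in the reply, as an added example that is not code from the thread. The data group names Blacklist_URLs and Blacklist_IPs, their record layout, and the sample hosts and addresses are assumptions:

```tcl
# Added example, not from the thread. Data group names and record layout
# are assumptions; the sample records below are constructed.
#
#   Blacklist_URLs (string data group)
#       key:   lowercase host + URI fragment
#       value: customer name
#         "customer1.example.com/admin"   := "Customer1"
#         "customer2.example.com/private" := "Customer2"
#
#   Blacklist_IPs (address data group)
#       key:   address or subnet
#       value: space-separated names of the customers that block it
#         192.0.2.10      := "Customer1"
#         198.51.100.0/24 := "Customer1 Customer2"

when HTTP_REQUEST {
    # With -value, class match returns the matched record's value, or an
    # empty string when nothing matches, instead of 0/1.
    set url_customer [class match -value -- [string tolower [HTTP::host][HTTP::uri]] contains Blacklist_URLs]

    # The request does not hit any customer's blacklisted URL: allow it.
    if { $url_customer eq "" } {
        return
    }

    # Customers for which this client address is blacklisted (may be empty).
    set ip_customers [class match -value -- [IP::remote_addr] equals Blacklist_IPs]

    # Reject only when the URL match and the IP match belong to the same
    # customer, which preserves the per-customer "URL and IP" logic.
    if { [lsearch -exact $ip_customers $url_customer] >= 0 } {
        HTTP::respond 403
    }
}
```

Onboarding a customer then means adding records to the two data groups, with no iRule change. Because a single class match -value call returns one record's value, keep the URL keys specific enough that a request cannot match entries belonging to two different customers.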