FromRome
Nov 09, 2019

SMTP iRules access list

Hi all.

I created a simple iRule to prevent unauthorized client IPs from sending mail to the balancer:

 

when CLIENT_ACCEPTED {
    # SNAT address used for clients found in the data group
    set accepted_snat "x.x.x.x"

    if { [class exists SmtpPool] } {
        if { [class match [IP::client_addr] equals $::SmtpPool] } {
            snat $accepted_snat
        } else {
            snat automap
        }
    } else {
        # Data group not present: fall back to automap
        snat automap
    }
}

 

I created SmtpPool with the authorized IPs and assigned this rule to a specific virtual server. This virtual server works fine without the rule. If I select the rule in the virtual server, it does not work. If I try to test with telnet, I see only a black screen when I connect and close the session.

 

Thanks

  • What does /var/log/ltm say?

    You do have entries in the datagroup? Do those match?

    See also:

    https://devcentral.f5.com/s/question/0D51T00006i7ZeSSAU/irule-smtp-help

  • Hi. Thanks for the response. I receive this error in the log file:

     err tmm[11119]: 01220001:3: TCL error: /Common/SmtpFilter <CLIENT_ACCEPTED> - can't read "::PoolSmtp": no such variable   while executing "class match [IP::client_addr] equals $::PoolSmtp"

     

    Thanks

  • Do you have a datagroup called PoolSmtp?

    Remove the $:: in front of PoolSmtp in the iRule.
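
The fix suggested above, applied to the rule from the question, as an added example that is not code from any poster in the thread. It assumes an address-type data group named SmtpPool and keeps the question's placeholder SNAT address x.x.x.x; rejecting unlisted clients (instead of the question's `snat automap` fallback) is also an assumption, chosen to match the stated goal of blocking unauthorized senders.

```tcl
# Added example, not from the thread. Assumes a data group named SmtpPool
# (type: address); x.x.x.x is the placeholder SNAT address from the question.
when CLIENT_ACCEPTED {
    set accepted_snat "x.x.x.x"

    # Fail closed: if the allow list is missing, refuse the connection
    # rather than letting every client through.
    if { ![class exists SmtpPool] } {
        log local0.err "SmtpPool data group missing; rejecting [IP::client_addr]"
        reject
        return
    }

    # Reference the data group by name. With a "$::" prefix the name is
    # read as a global Tcl variable, which produces the
    # 'can't read "::PoolSmtp": no such variable' error seen in /var/log/ltm.
    if { [class match [IP::client_addr] equals SmtpPool] } {
        snat $accepted_snat
    } else {
        # Assumption: clients not on the list are refused, not SNATed.
        log local0.info "SMTP client [IP::client_addr] not in SmtpPool; rejected"
        reject
    }
}
```

The data group name in `class exists` and `class match` must match the configured data group exactly, including case.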