F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Joe_5599_134300's avatar
Joe_5599_134300
Icon for Nimbostratus rankNimbostratus
Oct 31, 2014

Source IP Allow to VS then URI Rewrite

I need help with the syntax for irule I'm trying to use on a shared HTTPS VS. I need to check the SRC IP allowed using a data group created, then if found proceed to URI rewrite from test to dev. I can get the rewrite irule to work, but not able to combine the two functions.

 

when CLIENT_ACCEPTED { if { not ( [class match [IP::client_addr] equals IP_Allow_Data_Group])} { reject } when HTTP_REQUEST { log local0. "Incoming URI = [HTTP::uri]" if { [string tolower [HTTP::uri]] starts_with "/test" } { set uri [string map -nocase {"/test" "/dev"} [HTTP::uri]] log local0. "New URI = $uri" HTTP::uri $uri SSL::disable serverside

 

pool webtest-test.com-80 } }

 

application delivery
devops
iRules

3 Replies

  • R_Eastman_13667's avatar
    R_Eastman_13667
    Historic F5 Account
    Oct 31, 2014

    Try this:

    when HTTP_REQUEST { 
    log local0. "Incoming URI = [HTTP::uri]" 
    if {[class match [IP::client_addr] equals "IP_Allow_Data_Group"]} {
        if { [string tolower [HTTP::uri]] starts_with "/test" } { 
            set uri [string map -nocase {test dev} [HTTP::uri]]
            log local0. "New URI = $uri" 
            HTTP::uri $uri 
            SSL::disable serverside
            pool webtest-test.com-80 
        } 
    }
    else {
        HTTP::close
    }
}
    • Joe_5599_134300's avatar
      Joe_5599_134300
      Icon for Nimbostratus rankNimbostratus
      Oct 31, 2014
      Yes the syntax is now ok but do I need a (reject) if no match in the data group IP's allowed? Or a default action of reject at the end?
    • R_Eastman_13667's avatar
      R_Eastman_13667
      Historic F5 Account
      Nov 03, 2014
      I added an HTTP::close command in an else conditional statement in the above code.