Forum Discussion
NimbostratusSource port of original Virtual server
We have a "general" Virtual Server for port 80, another for port 443 applications. Also limiting the number of ip addresses. This Virtual server does a forwarding to a specific virtual server depending on the specific application.This specific virtual server has the same ip as the 'general' virtual server, but another port. This gives us the possibility to easily specify specific parameters for that application, makes it easier to debug, .... .
But we noticed that some users are entering the specific VS without passing to the general VS, specifying the 'specific" port.
Normally: url:80 --> general VS with port 80 ---> specific VS with port xxx.
Some do : url:xxx --> specific VS with port xxx.
We would like to prevent this. How can we do this, if possible using a policy? Is there a way to test the incoming port of the 'general' Virtual Server??
I've tried a lot but I always get xxx as the incoming port.
Any help is appreciated
Jan
Samir_Jha_52506Noctilucent
Did you tried with iRule to capture incoming port number and block request? If you notice client browser incoming port always will start from 50000 to 65535(Please correct me if i am wrong). Besed on that you can tune iRule.
So far not receive such requirement, So Dev central expert will help us.
- boneyard
MVP
If im not mistaken the request for host:xxx will have a host header with the :xxx port behind the hostname. so check [HTTP::host] and if it isn't empty or :80 then you have something to block on right?
