Forum Discussion
JP_42120
Nimbostratus
NimbostratusTrying to add more restrictions to exiting iRule with flags
Hi, we are trying to additional restrictions based on new IP and URL to existing rule... Below is an example of our current and also NEW iRule. does this look right? is there a better way to do th...
JP_42120Nimbostratus
NimbostratusCombining both methods....
new iRule
when HTTP_REQUEST { if { [HTTP::host] starts_with "foo.com" } { If URI match allowed URI's if { [class match [HTTP::uri] starts_with allow_URI_data_group ] } { if { [class match [IP::client_addr] equals allow_address_data_group ] } { pool 80_pool } else { HTTP::redirect "http://deafult-internal.net" } } If URI start with new URI validate allowed IP and send it to the pool or redirect elseif { [class match [HTTP::uri] starts_with new_allow_URI_data_group ] } { if { [class match [IP::client_addr] equals new_allow_address_data_group ] } { pool 80_pool } else { HTTP::redirect "http://deafult-internal.net" } } Redirect all other URI else { HTTP::redirect "http://www.default-external" } } }
Brad_ParkerCirrus
Once you start needing that many uri options the data group is the way to go.- JP_42120HI Brad, Actually, the second condition "/water/more.." is a subset of the first URI "/water/...". Would it be possible to negate "/water/more..." in first condition? Is there a better way? new first condition.. when HTTP_REQUEST { if { [HTTP::host] starts_with "foo.com" } { If URI match allowed URI's if { [class match [HTTP::uri] starts_with allow_URI_data_group ] } { Negate if { [class match [HTTP::uri] not_starts_with "/water/more..."] } { if { [class match [IP::client_addr] equals allow_address_data_group ] } { pool 80_pool } else { HTTP::redirect "http://deafult-internal.net" } }......
