Forum Discussion
rajeshgoud
Altostratus
AltostratusURI access for all for 4 URIs and rest of the URIs based on IP whitelisting
Hi Everyone,
I have requirement for IP whitelisting for ALL the URIs except for 4 URI. The 4 URIs should be accessible to all
Here is the sample I used but its working for whitelisting but ...
rajeshgoudAltostratus
Altostratus
when HTTP_REQUEST {
if { [string tolower [HTTP::host]] equals "abc.com" } {
Check if requested URI matches for access to all
switch -glob [HTTP::uri] {
"/6110.aspx" -
"/9018.aspx" -
"/9044.aspx" -
"/3001.aspx" {
pool ABC_TEST_V
}
}
} elseif { [string tolower [HTTP::host]] equals "abc.com" } {
if { [class match [IP::client_addr] equals ABC_all] } {
Process the traffic for all IPs for URL abc.com pool ABC_TEST_V
} else {
Drop the connection
drop
}
}
}
when HTTP_RESPONSE {
foreach mycookie [HTTP::cookie names] {
HTTP::cookie secure $mycookie enable
}
}
Are your 'if' and 'elseif' trying to match on the same text? The hostname is in small case, yes the hostname is same for if and elseif statement. I am match 4 URIs if they match I send to the pool else I have to check the IP whitelisted->yes->then goto to pool
rajeshgoudAltostratus
Altostratusfollowing logic worked
when HTTP_REQUEST {
switch -glob [ string tolower [HTTP::host]] {
"abc.com" {
switch -glob [HTTP::uri] {
"/6110.aspx" -
"/9018.aspx" -
"/9044.aspx" -
"/3001.aspx" { pool abc_V }
"/5005.aspx" { if { [class match [IP::client_addr] equals abc_5005] }
{ pool abc_test_V } }
default {
if { [class match [IP::client_addr] equals abc_internet] } {
Process the traffic for all allowed IPs for URL abc.com
pool abc_test_V
} else {
Send HTTP reject message
HTTP::respond 403 content {
Access Restricted!Please make sure you are on CA Network to access this application
}
}
}
} } } }
