For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

rajeshgoud's avatar
rajeshgoud
Icon for Altostratus rankAltostratus
Apr 06, 2017

URI restriction for for host abc.com with client IP

Hi All

I am creating a iRule to restrict a URI to a specific client IP and allow rest but I am getting a syntax error

error: [parse error: PARSE syntax 213 {syntax error in expression " ([class match -value [IP::client_addr] equals slm_...": unexpected operator /}][{ ([class match -value [IP::client_addr] equals slm_abc]) and !([HTTP::uri] equals /xyz.aspx) }]

when HTTP_REQUEST {

 if {[ string tolower [HTTP::host]] equals "abc.com" } {
        if { ([class match -value [IP::client_addr] equals slm_abc]) and !([HTTP::uri] equals /xyz.aspx) } {
             Drop the connection
            drop
        } else {
     Process the traffic for all IPs for URL abc.com
            pool ABC_TEST_V
        }
    }

}

application delivery
iRules
LTM

2 Replies

  • rajeshgoud's avatar
    rajeshgoud
    Icon for Altostratus rankAltostratus
    Apr 06, 2017

    Looks like I found the issue is with URI I need to use qoutes

     

    Incorrect - !([HTTP::uri] equals /xyz.aspx) Correct !([HTTP::uri] equals "/xyz.aspx")

     

  • Snl's avatar
    Snl
    Icon for Cirrostratus rankCirrostratus
    Apr 07, 2017

    Include string to lower in your IRULE, this will ensure no bypass in the URI

     

    example - refer the last 2 irules

     

    Link