For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

brad9iner_11512's avatar
brad9iner_11512
Icon for Altostratus rankAltostratus
Feb 24, 2014

Using 2 different Data Groups to control traffic to a Virtual Server in an iRule

I am trying to determine the best way to modify an iRule that I am using to control access to a specific Virtual Server. Currently the iRule is as follows: when HTTP_REQUEST { if { not [class mat...
application delivery
devops
iRules
LTM
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Feb 24, 2014

Try this:

when HTTP_REQUEST {
    if { [class match [IP::addr] equals BlacklistedAddresses] } {
        HTTP::respond 403 content "403 - Forbidden"
    } elseif { not ( [class match [IP::client_addr] equals trustedAddresses] ) } {
        HTTP::respond 403 content "403 - Forbidden"
         event HTTP_REQUEST disable
    }
}