Guys, I'm hitting my head against a brick wall!
I'm trying to allow clients to connect only on ports 443 or 2030 but it's not working - they can connect on any port!?
I've got this iRule:
when CLIENT_ACCEPTED {
if { not ([TCP::local_port] == 443) or ([TCP::local_port] == 2030) }{
reject
}
}
and I've followed the instructions above (same result) as well as K6018 to enable PAT on the vServer (same result); I've even tried 'serverside' and 'clientside' after local_port in the iRule (same result); I've tried drop - same result. I've also tried other iRules from other threads e.g. with words like client_port !=443...
The only time I can't connect on other ports is if I change the service port on the vServer to 443, otherwise, I can always telnet into this vServer on any of the other ports (i.e. the iRule is not working). I've bound the iRule to the vServer in the resources tab (the HTTP > HTTPS redirect worked when I bound it here so I'm thinking this is the right place?). Just to be sure, I made new vServer with no extra settings such as HTTP profile etc. but still, can go straight through. I'm on 13.1.0.8.
What am I missing?