For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Arjun_Menon_343's avatar
Arjun_Menon_343
Icon for Nimbostratus rankNimbostratus
Jan 13, 2019

Virtual server with Private IP subnet and Geo location as source

We have requirement to match and allow the Private IP subnet and Geo location of QA for the virtual servers. I tried using the below Irule. Though the same is not working as only the first clause of ...
application delivery
irule
iRules
Kai_Wilke's avatar
Kai_Wilke
Icon for MVP rankMVP
Jan 14, 2019

Hi Arjun,

for further troubleshooting you may add some log lines to your iRule, to see whats going on behind the scene...

when CLIENT_ACCEPTED { 
    if { [class match [IP::client_addr] eq private_net] } then { 
        log local0.debug "Allowing connection from Private IP=[IP::client_addr]"
        return 
    } elseif { [whereis [IP::client_addr] country] contains "QA" } then { 
        log local0.debug "Allowing connection from from IP = [IP::client_addr] with Geo Location = [whereis [IP::client_addr] country]"
        return 
    } else { 
        log local0.debug "Discarding connection from IP = [IP::client_addr] with Geo Location = [whereis [IP::client_addr] country]"
        discard 
    }
}

Cheers, Kai