Forum Discussion

Brendan_Hogan_9's avatar
Brendan_Hogan_9
Icon for Nimbostratus rankNimbostratus
May 16, 2008

Want to use data group list instead of ip address

How would I change the following rule to use a data group list instead of specific IP addresses?

 

 

when HTTP_REQUEST {

 

if { [IP::addr [IP::client_addr] equals 164.16.1.1] } {

 

pool f89devl}

 

elseif { [IP::addr [IP::client_addr] equals 164.16.1.2] } {

 

pool f89devl}

 

else

 

{HTTP::redirect "https://outage.vccs.edu"}

 

}

 

application delivery
dev
devops
iRules
  • Joe_Pruitt's avatar
    Joe_Pruitt
    May 16, 2008
    Here you go.

    class address_list {

    host 164.16.1.1

    host 164.16.1.2

    } 

    when HTTP_REQUEST { 
   if { [matchclass  [IP::client_addr] equals $::address_list] } { 
     pool f89devl 
   } else { 
     HTTP::redirect "https://outage.vccs.edu" 
   } 
 }

    Keep in mind that you can use netmasks in both data groups as well as single IP::addr comparisons.

    For example, 

    when HTTP_REQUEST { 
   if { [IP::addr [IP::client_addr]/24 equals 164.16.1.0] } { 
     pool f89dev1 
   } else { 
     HTTP::redirect "https://outage.vccs.edu" 
   } 
 }

    Will validate addresses 164.16.1.[0-255].

    You can do the same thing with data groups/matchclass by creating network entries instead of host entries in the datagroup.

    Hope this helps...

    -Joe
  • Nicolas_Menant's avatar
    Nicolas_Menant
    Icon for Employee rankEmployee
    May 20, 2008
    Hi,

     

     

    If you use a 8X00 platform you should use ::address_list instead of $::address_list. This way you'll maintain CMP