Forum Discussion
Brendan_Hogan_9
Nimbostratus
NimbostratusWant to use data group list instead of ip address
How would I change the following rule to use a data group list instead of specific IP addresses?
when HTTP_REQUEST {
if { [IP::addr [IP::client_addr] equals 164.16.1.1] } {
pool f89devl}
elseif { [IP::addr [IP::client_addr] equals 164.16.1.2] } {
pool f89devl}
else
{HTTP::redirect "https://outage.vccs.edu"}
}
3 Replies
- Here you go.
class address_list {
host 164.16.1.1
host 164.16.1.2
}when HTTP_REQUEST { if { [matchclass [IP::client_addr] equals $::address_list] } { pool f89devl } else { HTTP::redirect "https://outage.vccs.edu" } }
Keep in mind that you can use netmasks in both data groups as well as single IP::addr comparisons.
For example,when HTTP_REQUEST { if { [IP::addr [IP::client_addr]/24 equals 164.16.1.0] } { pool f89dev1 } else { HTTP::redirect "https://outage.vccs.edu" } }
Will validate addresses 164.16.1.[0-255].
You can do the same thing with data groups/matchclass by creating network entries instead of host entries in the datagroup.
Hope this helps...
-Joe 
Brendan_Hogan_9Very good. Exactly what I was looking for. Thanks!
Nicolas_MenantEmployee
Hi,
If you use a 8X00 platform you should use ::address_list instead of $::address_list. This way you'll maintain CMP
