Forum Discussion

Brendan_Hogan_9's avatar
Brendan_Hogan_9
Icon for Nimbostratus rankNimbostratus
May 16, 2008

Want to use data group list instead of ip address

How would I change the following rule to use a data group list instead of specific IP addresses?     when HTTP_REQUEST {   if { [IP::addr [IP::client_addr] equals 164.16.1.1] } { ...
application delivery
dev
devops
iRules
Joe_Pruitt's avatar
Joe_Pruitt
May 16, 2008
Here you go.

class address_list {

host 164.16.1.1

host 164.16.1.2

} 

when HTTP_REQUEST { 
   if { [matchclass  [IP::client_addr] equals $::address_list] } { 
     pool f89devl 
   } else { 
     HTTP::redirect "https://outage.vccs.edu" 
   } 
 }

Keep in mind that you can use netmasks in both data groups as well as single IP::addr comparisons.

For example, 

when HTTP_REQUEST { 
   if { [IP::addr [IP::client_addr]/24 equals 164.16.1.0] } { 
     pool f89dev1 
   } else { 
     HTTP::redirect "https://outage.vccs.edu" 
   } 
 }

Will validate addresses 164.16.1.[0-255].

You can do the same thing with data groups/matchclass by creating network entries instead of host entries in the datagroup.

Hope this helps...

-Joe