Forum Discussion

Nimbostratus

Jun 21, 2012

Whitelist a iRule, otherwise redirect

Need some help creating an iRule. The idea is that I have a VS, and I will be associating a iRule to do a redirect, but I dont want to do a redirect if a the IP/Subnet is in the iRule data group. I t...

Cirrostratus

Jun 22, 2012

If you're on 9.4.4 or higher make sure to remove the $:: prefix from the data group name. You can add debug logging to figure out why the iRule isn't working. Here's a version 10 or higher example:


when HTTP_REQUEST {
if { [class match [IP::client_addr] equals Whitelist_Sorry] } { 
log local0. "[IP::client_addr]:[TCP::client_port]: Client is in data group so do not redirect. DG: [class get Whitelist_Sorry]"
} else {
log local0. "[IP::client_addr]:[TCP::client_port]: Client is not in data group so redirect"
HTTP::redirect 
}
}

Also, [IP::client_addr] and [IP::remote_addr] will return the same value in clientside events like CLIENT_ACCEPTED and HTTP_REQUEST.

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Whitelist a iRule, otherwise redirect

Recent Discussions

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

Related Content

Anchor Link Redirect

(HTTP) Redirection via Arbitrary Host Header

url redirect

DDoS IPI List - Whitelist NTP Servers

DDoS IPI List - Whitelist DNS Servers

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS