Forum Discussion

Sabir_Alvi's avatar
Icon for Altocumulus rankAltocumulus
Mar 07, 2018

Whitelist Blacklist iRule using data group for multiple clients

We are testing single VIP configuration in our test lab, where single public IP will be assigned to multiple clients, using an iRule with a data group.

iRule looks like this ---


set pool [class match -value -- [HTTP::host] equals test_url]

if {$pool ne ""} {

pool $pool



test_url is data group which has strings mapped to appropriate pools of each client.

For example, string mapped to pool

string mapped to pool

Now the issue is we want to include whitelist/blacklist for these clients in the same iRule if possible or even a separate iRule would be OK. Could someone suggest the syntax for whitelising/blacklisting based on client string and remote IP pair in data group?

For example, if string has client1 and matches dg_whitelist_1, allow.

if string has client2 and matches dg_whitelist_2, allow.

if string has client3 and matches dg_blacklist_1, deny.

There are also clients with no whitelist/blacklist, so it should work just fine for them within same iRule.