Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Icon for Cirrus rank

Cirrus

Jul 21, 2022

Solved

Whitelist certain inbound IPs

Could someone verify if this syntax is correct, please?

I am looking to only permit certain source IPs contained in the data group "abc_ips" when navigating to a URL and dropping anything else.

when HTTP_REQUEST {
	if { [class match [IP::client_addr] eq "abc_ips" ] } { 
		return
	} else {
		drop
	}
  }

Mayur_Sutare
Jul 21, 2022
Hi PG0581 ,

Yes, syntax looks good to me. Additionally, you can even add the response page with some message to the unwanted source IP addresses who are trying to access it. Just a suggetion in case you need it. Thanks!

2 Replies

Mayur_Sutare
MVP
Jul 21, 2022
Hi PG0581 ,

Yes, syntax looks good to me. Additionally, you can even add the response page with some message to the unwanted source IP addresses who are trying to access it. Just a suggetion in case you need it. Thanks!
- PG0581
  Cirrus
  Jul 21, 2022
  Great! and thanks for the feedback Mayur_Sutare

Jonathan - March 2026 Featured Member

DevCentral News

featured member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

DevCentral News

2026 F5 DevCentral MVP Announcement

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5