Forum Discussion

Icon for Cirrus rank

Cirrus

Jul 21, 2022

Whitelist certain inbound IPs

Could someone verify if this syntax is correct, please?

I am looking to only permit certain source IPs contained in the data group "abc_ips" when navigating to a URL and dropping anything else.

when HTTP_REQUEST {
	if { [class match [IP::client_addr] eq "abc_ips" ] } { 
		return
	} else {
		drop
	}
  }

Mayur_Sutare
Jul 22, 2022
Hi PG0581 ,

Yes, syntax looks good to me. Additionally, you can even add the response page with some message to the unwanted source IP addresses who are trying to access it. Just a suggetion in case you need it. Thanks!

Mayur_Sutare
MVP
Jul 22, 2022
Hi PG0581 ,

Yes, syntax looks good to me. Additionally, you can even add the response page with some message to the unwanted source IP addresses who are trying to access it. Just a suggetion in case you need it. Thanks!
- PG0581
  Cirrus
  Jul 22, 2022
  Great! and thanks for the feedback Mayur_Sutare

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming