Forum Discussion
iRule
Cirrus
CirrusWhitelisting access to URLs based on specific IPs
Dear Community,
I have a requrirment to allow access to a specific URI path from few public IPs & all private IPs; remaining public IPs should not be able to access this specific URI path. All other URI paths should be abe to be accessed by any IP whether private or public.
Requirement Example:
"https://abc.com/good/evening/happy/life" should be able to be accessed by four public IPs only & private IPs.
and all other URIs paths than above should be accessable by all public IPs & private IPs.
Hi,
After creating a datagroup for private IP networks and public IPs, you can use iRule or LTM policy.
when HTTP_REQUEST { if { [string tolower [HTTP::uri -normalized] equals "/good/evening/happy/life" && not ([class match [IP::client_addr] equals /Common/datagroupname])} { drop return } }
iRuleHello Enes,
Thank you for your replay.
The iRule which you provided takes care of first part of requirement i.e access to specific URI path allowed from four public IPs & all private IPs.
Please inform do I need to add commadns in iRule to adderss remaning requirment; all other URI paths should be accessable by all public & private IPs.
Regards
Hi,
The iRule drops requests except certain IP addresses for the certain url. If there is no match with the if statement, requests will be forwarded to the default pool. iRule does not require any extra code.
It might be better to use path instead of uri.when HTTP_REQUEST { if { [string tolower [HTTP::path -normalized] equals "/good/evening/happy/life" && not ([class match [IP::client_addr] equals /Common/datagroupname])} { drop return } }For the following URL:
http://www.example.com:8080/main/index.jsp?user=test&login=checkThe URI is:
/main/index.jsp?user=test&login=check
The path is:
/main/index.jsp
The query is:
user=test&login=check
