Forum Discussion

iRule's avatar
iRule
Icon for Cirrus rankCirrus
Nov 23, 2023

Whitelisting access to URLs based on specific IPs

Dear Community, I have a requrirment to allow access to a specific URI path from few public IPs & all private IPs; remaining public IPs should not be able to access this specific URI path. All other...
@ASM
application
application delivery
waf
iRule's avatar
iRule
Icon for Cirrus rankCirrus

Hello Enes,

Thank you for your replay.

The iRule which you provided takes care of first part of requirement i.e access to specific URI path allowed from four public IPs & all private IPs.

Please inform do I need to add commadns in iRule to adderss remaning requirment; all other URI paths should be accessable by all public & private IPs.

Regards

Enes_Afsin_Al's avatar
Enes_Afsin_Al
Icon for MVP rankMVP
Nov 25, 2023

Hi,

The iRule drops requests except certain IP addresses for the certain url. If there is no match with the if statement, requests will be forwarded to the default pool. iRule does not require any extra code.
It might be better to use path instead of uri.

when HTTP_REQUEST {
	if { [string tolower [HTTP::path -normalized] equals "/good/evening/happy/life" && not ([class match [IP::client_addr] equals /Common/datagroupname])} {
		drop
		return
	}
}

For the following URL:
http://www.example.com:8080/main/index.jsp?user=test&login=check

The URI is:
/main/index.jsp?user=test&login=check
The path is:
/main/index.jsp
The query is:
user=test&login=check

  • Daniel_Wolf's avatar
    Daniel_Wolf
    Icon for MVP rankMVP
    Nov 25, 2023

    Upvote for explaining URI vs path vs query. The information is out there... but nobody seems to care or to google.