Forum Discussion

veredgfbll's avatar
veredgfbll
Icon for Cirrus rankCirrus
Mar 10, 2024

xff and geolocation

If I want to create a dos l7 profile that needs to check the xff header as the source address (I will add an http+xff profile), and I want to exclude a country from the dosL7 policy using an LTM poli...
dos l7
geolocation
ltm policy
x-forwarded-for
xff
veredgfbll's avatar
veredgfbll
Icon for Cirrus rankCirrus

Thank you very much. I will test this irule. I can already say that the LTM policy does not recognize geolocation from xff IPs, so this may be our only option.

Thanks

veredgfbll's avatar
veredgfbll
Icon for Cirrus rankCirrus
Mar 19, 2024

I made some changes as I didn't find any command the was geo::ipcountry.

when HTTP_REQUEST {
    set xff_header [HTTP::header "X-Forwarded-For"]
    if { $xff_header ne "" } {
        # Extract the client IP address from the XFF header
        set client_ip [lindex [split $xff_header ","] 0]
        # Check if the request is *not* coming from the excluded country
        if {!([whereis $client_ip country] equals "country_code") } {
            # enable dos profile
            DOSL7::enable dos
            #return
		} else {
			DOSL7::disable
        }
    }
   }

I need to test it....
Will update.