country_http_block

Problem this snippet solves:

The following is an example of an iRule that will allow you to block a list of countries that are not allowed to access your web site.

$::country_block is a datagroup of a list of countries that should be blocked. (ie. US)

Uncomment the option you wish to use. You may drop the connection, reject, 403 response, or redirect them to a "We're sorry" page.

Uncomment the log line if you wish to log the IP addresses of the client's being blocked.

Code :

when HTTP_REQUEST {
    if { [matchclass [whereis [IP::client_addr] country] eq $::country_block] } {

       #Uncomment which block option you prefer to use.

       # Drop the connection 
       #drop 

       # Reset the connection 
       #reject 

       # Send a 403 response 
       HTTP::respond 403 Content {Not allowed}

       # Redirect somewhere else
       #HTTP::redirect "http://blah.com/sorry.html"

       #Uncomment the line below to turn on logging, comment with a # to turn off logging.

       #log local0.  "Blocked Country client IP: [IP::client_addr]"
    }
}
Published Mar 17, 2015
Version 1.0
application delivery
devops
iRules

Was this article helpful?

No CommentsBe the first to comment