Forum Discussion
1 Reply
Sort By
Hi,
It's easier to do with iRule or LTM policy.
when HTTP_REQUEST { if { not ([class match [IP::client_addr] equals /Common/private_net]) } { switch -glob [HTTP::uri] { "/abc/asdf/morning/*" - "/abc/asdf/evening/*" { return } default { drop return } } } }
If you want to do it with WAF, you need two WAF policy. One for the internal network, the other for the external network. And you need to set these policies with LTM policy or iRule.
In the external waf policy, you should to add the allowed URLs and remove the wildcard URL in the Allowed URLs list.
Illegal URL violation values must be enable in Learning and Blocking Settings.