Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Block sites but allow access to specific IP'S

Eliran_A
Nimbostratus
Nimbostratus

‎17-Feb-2020 02:12

Hi All

 

I am trying to setup IRule to block website to all ip's except my offices IP

I created the IRule but for some reason it's blocking also the office IP'S

anyone have Idea why it's happen?

the test_allow_IP is a data group i created with all the offices IP.

 

when HTTP_REQUEST { 

set low_host [string tolower [HTTP::host]]

if {(( $low_host starts_with "www.example.com.au" ) || ( $low_host starts_with "example.com.au" ) ) && ( not [class match [IP::client_addr] equals test_allow_IP] )} {

HTTP::respond 404 content "Blocked by irule" log local0. "$low_host traffic has come from blocked subnet"

}

 

Labels:
0 Kudos
2 REPLIES 2

iaine
MVP
MVP

‎17-Feb-2020 04:28

Hi

 

Your code looks ok. What does your data group look like?

If you change your log line slightly so that it includes the client ip, can you see it getting caught in your data group subnets?

 

log local0. "$low_host traffic has come from blocked subnet - [IP::client_addr]"

0 Kudos

ragunath154
Cirrus
Cirrus

‎18-Feb-2020 09:28

i think you need one more condition

when HTTP_REQUEST { 

set low_host [string tolower [HTTP::host]]

if {(( $low_host starts_with "www.example.com.au" ) || ( $low_host starts_with "example.com.au" ) ) && ( not [class match [IP::client_addr] equals test_allow_IP] )} {

HTTP::respond 404 content "Blocked by irule" log local0. "$low_host traffic has come from blocked subnet"

}

else {

return

}

}

0 Kudos
Copyright © 2023 Khoros, LLC