Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

Blocking Traffic based on Geo Location

Jaspreetgurm
Altocumulus
Altocumulus

‎14-Jul-2021 01:17

I have requirement to block the traffic to a particular https path (Page) via iRule on WAF device in order to restrict the access of below url from all other geo location aspect Thailand country .

 

Can someone help on this. I have write below iRule.

 

 

when HTTP_REQUEST {

  if { [string tolower [HTTP::uri]] equals "http://abc.com/job-request/" && [whereis [IP::client_addr] country] ne "TH" } {

    drop

{

else {

#log local0. "The page is restricted"

}

}

Labels:
0 Kudos
7 REPLIES 7

SanjayP
MVP
MVP

‎14-Jul-2021 03:33 - last edited on ‎04-Jun-2023 19:22 by Fog

iRule looks fine with few modifcations to uri and closing braces. Also, please check with the requestor if it should be explicit URL "/job-request/" or wildcard (i.e anything after) "/job-request*".

If it's a wildcard, replace "eq" with "starts_with"

when HTTP_REQUEST {
 if { ([string tolower [HTTP::uri]] eq "/job-request") and ([whereis [IP::client_addr] country] ne "TH") } {
  drop
 }  else {
   return
  }
}
 
 
 
0 Kudos

Jaspreetgurm
Altocumulus
Altocumulus
In response to SanjayP

‎15-Jul-2021 02:00

Thanks Sanjay for replying.

 

/"/job-request" is specific path which needs to be restricted. So could you please advise if eq is suffice the needs or shall this change to starts_with ?

 

0 Kudos

SanjayP
MVP
MVP
In response to Jaspreetgurm

‎15-Jul-2021 02:19

yes. eq would be okay.

0 Kudos

Jaspreetgurm
Altocumulus
Altocumulus
In response to Jaspreetgurm

‎16-Jul-2021 00:32

I am allowing traffic only TH country, so I believe the action should be allow and else should be drop like below

 

{

 allow

 } else { drop

   }

}

0 Kudos

SanjayP
MVP
MVP
In response to Jaspreetgurm

‎16-Jul-2021 00:38

Since your iRule has use "ne" (not equal) operator for checking the Country, it's dropping on first condition. You can modify the operator to check just for TH country using "eq" operator to drop on else condition. Both should be fine.

0 Kudos

Jaspreetgurm
Altocumulus
Altocumulus
In response to Jaspreetgurm

‎16-Jul-2021 00:41

when HTTP_REQUEST {

 if { ([string tolower [HTTP::uri]] eq "/job-request") and ([whereis [IP::client_addr] country] ne "TH") } {

 drop

 } else {

  return

  log local0. "[IP::remote_addr]"

 }

}

 

is this fine ?

0 Kudos

SanjayP
MVP
MVP
In response to Jaspreetgurm

‎16-Jul-2021 00:50

yes. you can test it using vpn to select another Country. Also, I would disable logging unless needed for troubleshooting.

0 Kudos
Copyright © 2023 Khoros, LLC