cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

Help needed for irule to deny wildcard uri with exceptions

Danish
Altocumulus
Altocumulus

Hi folks,

 

Need your advise on creating an irule for the below requirement

 

need to block the following uri cloud.du.ae/cloud/* with an exception if SAML appears in the URI

 

like lets say cloud.du.ae/cloud/abc/saml should be allowed but all other URI's with /cloud should be blocked

 

Thanks in advance.

2 REPLIES 2

Simon_Blakely
F5 Employee
F5 Employee

Use a Local Traffic Policy with a First Match strategy.

 

K15085:  Overview of the Local Traffic Policies feature (11.4.0 - 12.0.0)

 

Create a rule with conditions

hostname is cloud.du.ae

HTTP URI begins with cloud

HTTP URI contains saml

 

that forwards traffic to the pool

 

0691T000008szuFQAQ.png

 

Create a second rule to redirect requests starting with cloud to somewhere else (or drop the request)

 

 0691T000008szuAQAQ.png

 

Finally add a final default rule that forwards all requests to the pool.

 

 0691T000008szu0QAA.png

Order your rules so that they match in correct order:

 0691T000008szu5QAA.png

Works perfectly. Thanks a lot Simon 🙂