31-Mar-2022 23:46
please help me to create Irule below requirement.
If <sourec ip1 >or <source ip2> IPs are the sourceAddress and Host header is either <x.x.x.x>or <Y.Y.Y.Y> then you have to allow the communication. Other than <sourec ip1 > and <source ip2> IPs, rest of the IPs will be blocked if they are having IP in the host header.
01-Apr-2022 02:58
Hello networksecurity2022.
Try this
when HTTP_REQUEST {
if { ([IP::client_addr] eq "<sourec ip1>") || ([IP::client_addr] eq "<sourec ip2>") } {
if { !(([HTTP::host] eq "<x.x.x.x>") || ([HTTP::host] eq "<y.y.y.y>")) } {
reject
}
}
}
01-Apr-2022 05:42
01-Apr-2022 10:25
01-Apr-2022 11:50
Hello.
Check this one.
Rejects everything to those IPs (<x.x.x.x> or <y.y.y.y>) in the host header, except if the source is one of those IPs (<source ip1> or <source ip2>)
when HTTP_REQUEST {
if { ([HTTP::host] eq "<x.x.x.x>") || ([HTTP::host] eq "<y.y.y.y>") } {
if { !(([IP::client_addr] eq "<sourec ip1>") || ([IP::client_addr] eq "<sourec ip2>")) } {
reject
}
}
}