iRule based upon username and source IP

ShaunS
Nimbostratus

So working on an interesting challenge. We would like to set up an iRule that would do the following.

1. Identify when a connection is made via a specific account that is authenticated by F5

2. Only prevent this account from connecting to the backend server if it comes from a specific IP address

If the account is not from that IP, then F5 will drop the connection attempt. Anyone have some guidance on the best way to handle this?

 

Shaun

2 REPLIES

Your description is not detailed, but I can think of using the F5 table command and saving the APM username session variable (session.logon.last.username) to an iRule with the command ACCESS::session, along with the source IP address during the authentication, and then allowing or blocking the traffic based on whether the user matches the bad IP address. The table key can be the username and the value the IP address that the user used to log in.

 

https://community.f5.com/t5/technical-articles/the-table-command-examples/ta-p/278490

https://clouddocs.f5.com/api/irules/ACCESS__session.html

https://community.f5.com/t5/technical-articles/advanced-irules-tables/ta-p/290369

 

 

Maybe helpful if issues are seen, and for ideas:

https://support.f5.com/csp/article/K23154551

https://community.f5.com/t5/technical-forum/irule-to-set-apm-session-variable-for-x-forwarded-for/td...
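
An added example, not part of the original reply: one way to enforce the rule from the question on an APM-protected virtual server. It reads the session variable directly rather than going through a table, and checks both at logon and on every later request. The account name `svc-account` and address `192.0.2.10` are placeholders, and it assumes clients reach the virtual server directly, with no proxy or SNAT in front that would hide the real source IP.

```tcl
when RULE_INIT {
    # Placeholder values (assumptions): the restricted account and the only
    # source address it may connect from.
    set static::restricted_user "svc-account"
    set static::allowed_ip "192.0.2.10"
}

when ACCESS_POLICY_COMPLETED {
    # Fires once, when the access policy finishes for a new session.
    if { [ACCESS::policy result] ne "allow" } { return }

    set user [string tolower [ACCESS::session data get "session.logon.last.username"]]
    # Client address recorded by APM for this session.
    set src [ACCESS::session data get "session.user.clientip"]

    if { $user eq $static::restricted_user && $src ne $static::allowed_ip } {
        log local0.warning "APM: $user logged on from $src, not $static::allowed_ip; removing session"
        # Destroy the session so nothing is forwarded to the backend.
        ACCESS::session remove
    }
}

when ACCESS_ACL_ALLOWED {
    # Fires on each request inside an established session, so a session that
    # was created from the permitted address cannot be reused from elsewhere.
    set user [string tolower [ACCESS::session data get "session.logon.last.username"]]

    if { $user eq $static::restricted_user &&
         ![IP::addr [IP::client_addr] equals $static::allowed_ip] } {
        log local0.warning "APM: $user request from [IP::client_addr] blocked"
        ACCESS::session remove
        ACCESS::respond 403 content "Forbidden" Connection close
    }
}
```

All other accounts pass through unchanged; to restrict several accounts or allow a subnet, the two static values can be replaced by a data group lookup.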

 

 

LiefZimmerman
Community Manager

@ShaunS - If your post was solved it would be helpful to the community if you selected *Accept As Solution* on the relevant reply (or replies). This helps future readers find answers more quickly and confirms the efforts of those who helped.

Thanks for being part of our community.
Lief

------
Lief Zimmerman | @LiefZF5 | DevCentral Community Manager