F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

mj16othman's avatar
mj16othman
Icon for Altostratus rankAltostratus
May 17, 2022

Irule to match a Domain

Guys I really need your help. Im currently working on a request. Lets say i have the below URL  https://abd.com/files/jaskjaskjsakjasjk.jpg Customers are asking me to disable anything that comes af...
application delivery
cloud
devops
security
Daniel_Wolf's avatar
Daniel_Wolf
Icon for MVP rankMVP
May 18, 2022

Hi mj16othman,

you could use this iRule.

 

when HTTP_REQUEST {
    if { [string tolower [HTTP::host][HTTP::path]] starts_with "abc.com/files" } {
        switch -glob [string tolower [HTTP::path]] {
            "*.gif" -
            "*.jpg" -
            "*.jpeg" -
            "*.png" {
                # Drop if URI ends with a static file type
                drop
            }
            default {
                return
            }
        }   
    }    
}

 

If you want to filter by source IP, I would do this inside the switch statement with a datagroup matching.
However... how will you get all the IP addresses from Amazon, Twitter and so on?

  • You could do a reverse lookup and check whether the IP belongs to Amazon or similar. - with an awful penalty on performance of the iRule and no guarantee that this is a 100% solution. Not all IPs have reverse records.
  • You could check if they have an API (example: https://ip-ranges.amazonaws.com/ip-ranges.json) and convert them to a datagroup. Requires automation.
  • You could also implement the whole thing with APM. Again - how to get the list of allowed source IPs?

KR
Daniel