Irule to match a Domain

mj16othman · ‎17-May-2022

Guys I really need your help. Im currently working on a request. Lets say i have the below URL

https://abd.com/files/jaskjaskjsakjasjk.jpg

Customers are asking me to disable anything that comes after the /files that has an image extension like jpg, pdf and png, from anyone communicating from the outside, except for internal IPs and Several domain like amazon, twitter, should have access to the above URL.

I had some luck on confguring it on the LTM policies section, but i couldnt match the domain. So is there an irule which will work on this.

Daniel_Wolf · ‎18-May-2022

Hi @mj16othman,

you could use this iRule.

when HTTP_REQUEST {
    if { [string tolower [HTTP::host][HTTP::path]] starts_with "abc.com/files" } {
        switch -glob [string tolower [HTTP::path]] {
            "*.gif" -
            "*.jpg" -
            "*.jpeg" -
            "*.png" {
                # Drop if URI ends with a static file type
                drop
            }
            default {
                return
            }
        }   
    }    
}

If you want to filter by source IP, I would do this inside the switch statement with a datagroup matching.
However... how will you get all the IP addresses from Amazon, Twitter and so on?

You could do a reverse lookup and check whether the IP belongs to Amazon or similar. - with an awful penalty on performance of the iRule and no guarantee that this is a 100% solution. Not all IPs have reverse records.
You could check if they have an API (example: https://ip-ranges.amazonaws.com/ip-ranges.json) and convert them to a datagroup. Requires automation.
You could also implement the whole thing with APM. Again - how to get the list of allowed source IPs?

KR
Daniel

DevCentral

Irule to match a Domain

Khoros Kudos Award 2022