I applied an iRule to redirect incoming traffic not matching IPs in a data group (ex. 20.x.x.x) to a default page. However, when I test it via wireless (172.x.x.x), I'm not getting redirected. The iRule's applied to two vservers (they use port 8000 and 8089) connections via HTTP. I verified my wireless connection's IP when hitting the vserver via a tcpdump.
This is the iRule...does this look correct? Would there be a better way to do it?
when HTTP_REQUEST {
if { not ([class match [IP::remote_addr] equals site_restrict]) } {
HTTP::redirect ";
}
Use logging in order to log your incoming IP address. This will help you to better verify the incoming source address as there is a chance that the source IP can get proxy'd through a different IP address.
If you want to redirect based on incoming IP address, why not use the CLIENT_ACCEPTED event instead of HTTP_REQUEST ?
