Forum Discussion

Alan_B__139698's avatar
Alan_B__139698
Icon for Altostratus rankAltostratus
Jan 28, 2019

iRule trouble - Redirecting IPs not matching data group

I applied an iRule to redirect incoming traffic not matching IPs in a data group (ex. 20.x.x.x) to a default page. However, when I test it via wireless (172.x.x.x), I'm not getting redirected. The iRule's applied to two vservers (they use port 8000 and 8089) connections via HTTP. I verified my wireless connection's IP when hitting the vserver via a tcpdump.

 

This is the iRule...does this look correct? Would there be a better way to do it?

 

when HTTP_REQUEST { if { not ([class match [IP::remote_addr] equals site_restrict]) } { HTTP::redirect "; }

 

}

 

Thanks!

 

1 Reply

  • Use logging in order to log your incoming IP address. This will help you to better verify the incoming source address as there is a chance that the source IP can get proxy'd through a different IP address.

     

    If you want to redirect based on incoming IP address, why not use the CLIENT_ACCEPTED event instead of HTTP_REQUEST ?