cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

Redirect the request from specific IP to URI

Sarovani
Cirrostratus
Cirrostratus

Hi Team ,

 

we have 2 different applications hosted on the server , that can be accessed through 2 URI :

/ckpartner

/cklauncher

 

On f5 we want to redirect all requests coming from specific IP or subnet to www.example.fr/ckpartner

 

www.example.fr/cklauncher do not have to be exposed on the Internet so request should only go to /ckpartner

 

Can you please help me with irule for this redirect .

4 REPLIES 4

MW1
Cirrus
Cirrus

Not sure if I am quite following what you are after on the cklauncher section as called out below the second section will block any request to the /cklauncher

 

when HTTP_REQUEST { #if the request is not to /ckpartner and from the specfied ip or subnet if { ![string tolower [HTTP::uri]] starts_with "/ckpartner" && ( [IP::addr [IP::client_addr] eq 1.1.1.0/255.255.255.0]) } { # redirect the request log local0. "issuing redirect request to [HTTP::host][HTTP::uri] from [IP::client_addr]" HTTP::redirect https://[getfield [HTTP::host] ":" 1]/ckpartner } # if the request is to /cklauncher block the request if { [string tolower [HTTP::uri]] starts_with "/cklauncher" } { # block the request -- though this will block anything external or internal hitting the URI are you sure this is what you want? log local0. "blocking request to [HTTP::host][HTTP::uri] from [IP::client_addr]" reject } }

 

Thank you Mw ,

 

 

We want all the request comming to www.example.fr from specific source 10.10.10.1 to get redirected to www.example.fr/ckpartner/ and this should be logged .

 

Can you please check if the below Irule we can achieve this ?

 

when HTTP_REQUEST {

if { ([IP::addr [IP::client_addr] equals 10.10.10.1]) && ([HTTP::host] starts_with "www.example.fr") } {

log local0.

set newUri [string map {"/" "ckpartner/"} [HTTP::uri]]

HTTP::uri $newUri

}

}

HI MW,

 

I used this Irule which you have given , I removed "!" and changed "/cklauncher/" it worked for us ( Means redirect from "/cklauncher/" to "/ckpartner" works ...But now we want anything coming for www.example.com to get redirected to uri "/ckpartner/" and block "/cklauncher/"

 

 

  1. when HTTP_REQUEST {
  2. #if the request is not to /ckpartner and from the specfied ip or subnet
  3. if { [string tolower [HTTP::uri]] starts_with "/cklauncher/" && ( [IP::addr [IP::client_addr] eq 1.1.1.0/255.255.255.0]) } {
  4. # redirect the request
  5. log local0. "issuing redirect request to [HTTP::host][HTTP::uri] from [IP::client_addr]"
  6. HTTP::redirect https://[getfield [HTTP::host] ":" 1]/ckpartner
  7. }

 

Thanks for your help ,

 

My requirement is currently working with below Irule but I would like to add Datagroup to below Irule so that I can filter more external IP's

Could you please help me modify this irule .

I tried but I got error "variable reference required preeciding $"

 

 

 

when HTTP_REQUEST {

if {

                 ([IP::client_addr] contains "10.10.10.1%70") && ([string tolower [HTTP::uri]] contains "/cklauncher/")

                                  }

                                               {

                drop

}                                                             

elseif { [string tolower [HTTP::path]] equals "/" && ( [IP::addr [IP::client_addr] equals 10.10.10.1%70]) } {

# redirect the request

log local0. "issuing redirect request to [HTTP::host][HTTP::uri] from [IP::client_addr]"

HTTP::redirect https://[getfield [HTTP::host] ":" 1]/ckpartner/

}

}