04-Jun-2020 04:23
Hi,
I have a Virtual Server setup with SSL (client and Server) Profile.
Virtual Server : https://abc.com
There is an extension to this URL for a specific application https://abc.com/iauth-token. I want to setup a reverse proxy setup where
From ANY to https://abc.com - Allow
From 1.1.1.1/32 to https://abc.com/iauth-token - Allow
From ANY to https://abc.com/iauth-token - DENY.
Is that possible with URI based restriction with iRule and how can that be done?
04-Jun-2020 07:49
Hello,
First create one DataGroup list of IP addresses to be allowed and map it under Below iRule.
when HTTP_REQUEST {
if {[HTTP::uri] eq "/iauthtoken"}
{
if {not ([class match [IP::client_addr] equals Allow-List])} {
HTTP::respond 403 content "<html><body>Access not permitted</body></html>" Connection Close
TCP::close
}
}
}
Above iRule will allow access to mentioned URI from addresses which are part of Allow-List data group. Rest traffic should work w/o any issue.
Hope it works!
Mayur