cancel
Showing results for 
Search instead for 
Did you mean: 

Reverse Proxy iRule to restrict the access on IP

Anis_Bhambhani
Nimbostratus
Nimbostratus

Hi,

I have a Virtual Server setup with SSL (client and Server) Profile.

 

Virtual Server : https://abc.com

 

There is an extension to this URL for a specific application https://abc.com/iauth-token. I want to setup a reverse proxy setup where

 

From ANY to https://abc.com - Allow

From 1.1.1.1/32 to https://abc.com/iauth-token - Allow

From ANY to https://abc.com/iauth-token - DENY.

 

Is that possible with URI based restriction with iRule and how can that be done?

 

 

 

 

1 REPLY 1

Hello,

 

First create one DataGroup list of IP addresses to be allowed and map it under Below iRule.

 

when HTTP_REQUEST {

if {[HTTP::uri] eq "/iauthtoken"} 

{

if {not ([class match [IP::client_addr] equals Allow-List])} {

HTTP::respond 403 content "<html><body>Access not permitted</body></html>" Connection Close

TCP::close

}

}

}

 

Above iRule will allow access to mentioned URI from addresses which are part of Allow-List data group. Rest traffic should work w/o any issue.

 

Hope it works!

Mayur