cancel
Showing results for 
Search instead for 
Did you mean: 

Whitelist certain inbound IPs

PG0581
Altocumulus
Altocumulus

Could someone verify if this syntax is correct, please? 

I am looking to only permit certain source IPs contained in the data group "abc_ips" when navigating to a URL and dropping anything else. 

 

 

 

when HTTP_REQUEST {
	if { [class match [IP::client_addr] eq "abc_ips" ] } { 
		return
	} else {
		drop
	}
  }

 

 

 

 

1 ACCEPTED SOLUTION

Hi @PG0581 ,

Yes, syntax looks good to me. Additionally, you can even add the response page with some message to the unwanted source IP addresses who are trying to access it.  Just a suggetion in case you need it. Thanks!

View solution in original post

2 REPLIES 2

Hi @PG0581 ,

Yes, syntax looks good to me. Additionally, you can even add the response page with some message to the unwanted source IP addresses who are trying to access it.  Just a suggetion in case you need it. Thanks!

Great! and thanks for the feedback @Mayur_Sutare