iRule to selectively allow limited access by client IP
I have an application which is internet accessible but the application team has asked me to limit access to specific URIs based upon client ip. I just cannot seem to get the logic right. I am using the default data group private_net and a second string data group called allowed-uri-list which lists the allowed URIs for Internet users. when HTTP_REQUEST { if { {[class match [IP::client_addr] eq private_net ]} } { # allow access }elseif { {[class match [HTTP::uri] equals allowed-uri-list ]}} { #allow access } else { HTTP::respond 404 } } I keep getting http errors for no response and the tcl engine doesn't like my first if. What am I doing wrong?
