Irule to allow specific IPs
I have a site which is abc.com Trying to achieve below requirements- 1) If uri is / it should redirect to abc.com/xyz - open for all 2) If uri is /rdp_xyz_tshoot should accessible to internal network - (here we can use the datagroup list) As this site is migrated to akamai where they have requirement to use below irule- when HTTP_REQUEST { if { [HTTP::header exists True-Client-IP] } { set trueclientip [HTTP::header True-Client-IP] HTTP::header replace X-Forwarded-For $trueclientip } } Cause for above akamai irule= Normally the True-Client-IP header includes the real IP of the clients when requests are coming from Akamai. It will be unaffected and be sent as part of the request to the pool member. So, your backend servers could look for that header and do something with its value. However, if you want the F5 to translate it to the X-Forwarded-For header, you can use an iRule to convert the Akamai True-Client-IP header to the X-Forwarded-For header. we are trying with below irule which is not working- when HTTP_REQUEST { if { ([HTTP::uri] starts_with "/rdp_xyz_tshoot") && (not[class match [IP::client_addr] equals allowed_IPs])} { reject } if { [HTTP::uri] == "/" } { HTTP::redirect "https://[HTTP::host]/abc_login.jsp" } } Please help
How to still get alerts from an allowed JSON profile?
I have a configuration similar to below in ASM v12, and would like to be able to still get an alert when the exact attack signature would be met: /allowed/url.html with header based JSON profile "allow SQL signature X" This "SQL signature X" is in blocking for the rest of the site, but I would still like to get an alert if it is seen on the /allowed/url.html Is it possible for that to happen, or since it is in the allowed url in the JSON profile is that not an option? Thanks!
VLAN configured but not in hypervisor allowed list
Hi, I am creating a net guest in our LTM VCMP environment. I first created the Vlan in the VCMP environment (shared partition) and attributed it to a specific route-domain. When creating the VLAN in the partition shared I got Following message: Vlan (/shared/FL_exchange:18) is configured, but NOT on hypervisor allowed list. And indeed when I do a "show net vlan-allowed" my vlan is not in the allowed list. How can I connect my shared VLAN to the vlan allowed list? Thanks