So it appears you are trying to validate that a client's IP address matches a specific IP class then right?
You could do the following (note: untested, check the syntax and make sure I haven't gummed something up):
class networks_class {
network 10.10.10.0 mask 255.255.255.0
network 10.10.11.0 mask 255.255.255.0
}
when HTTP_REQUEST {
set my_uri [HTTP::uri]
set my_client [IP::client_addr]
if { $my_uri starts_with "/admin" } {
if { [matchclass $my_client equals $::networks_class] } {
pool admin-pool
}
} else {
discard
}
}
It's a bit cleaner, plus you are using some v4x syntax as well, use pool is now just pool .
I haven't tested this, but the config was accepted, I don't see why it wouldn't work. Best of all, you are using a datagroup which contains the network masks you want to validate against, all you have to do is update the datagroup each time you want to add a new network class, or remove one.