Forum Discussion
naladar_65658
Aug 12, 2010Altostratus
Sorry I meant to comment on this earlier Chris, I just didn't get a chance. If I were going to tackle this I would plan on future expansion and changes. That would be easy to do using datagroups I think. I know it is different in version 10.x, but in 9.4 I would create one datagroup called "valid_uri", put /sample in it and/or /sample/
Then create another data group called "valid_addresses" that you can plug your 1.1.1.1 in to. Using the iRule below, it would check to see if the URI matches, if the address is coming from the valid address if the port is NOT 443, drop that request. Not real elegant looking, but it would definitely be able to be expanded in the future. You may have to check the iRule for bracket issues, I don't have a BIG-IP in front of me at the moment to test compile....
when HTTP_REQUEST {
set header_uri [string tolower [HTTP::uri]]
if { ([matchclass $header_uri starts_with $::valid_uri]) && ([matchclass [IP::client_addr] equals $::valid_addresses]) && not ([matchclass [TCP::local_port] equals 443])} {
discard
}
}