Forum Discussion
cammy_178041
Apr 21, 2015Nimbostratus
Thanks, the rule is being applied to the smtp virtual server which is only port 25. I wrote it like so: when CLIENT_ACCEPTED {
if { [matchclass [IP::client_addr] equals trusted_networks] } {
pool smtp_pool
} else {
reject
} }
Where trusted_networks is the data group and smtp_pool is the pool associated with the virtual server. I applied this irule to the VS.
- DEJApr 21, 2015NimbostratusLooks good. I do have a suggestion. I'm guessing you're on 10.x code , if you're using 9.x ignore the rest of this. Switch to using 'class match' instead of 'matchclass', from posts I've seen it can cause issues when you migrate to 11.x code. There are also tests posted online indicating class match has better performance. Links used for research below: https://devcentral.f5.com/articles/comparing-irule-control-statements https://devcentral.f5.com/wiki/irules.matchclass.ashx