Forum Discussion

adiezma_1656's avatar
adiezma_1656
Icon for Nimbostratus rankNimbostratus
Jan 16, 2012

iRule for access to two ip addresses to a URI

Hi!

 

 

 

I am looking for a way to make a irule.

 

 

Problem:

 

 

I need a irule that only allows access to two IP addresses to a URI. For example , the IP address 192.168.1.10 and 192.168.1.11 should have access to https://domain.doma.in/abc/dfg/index.php .

 

 

 

Only these two ip's can access this path. All other IP addresses must access anywhere but not to the selected URI .

 

 

An example of a i rule, although the syntax is not correct.

 

 

 

when CLIENT_ACCEPTED {

 

if { [IP::client_addr] equals 192.168.1.10 } {

 

pool MY_POOL_A

 

}

 

elseif { [IP::client_addr] equals 192.168.1.11 } {

 

pool MY_POOL_A

 

}

 

}

 

 

 

when HTTP_REQUEST {

 

if { [HTTP::uri] starts_with "/abc/dfg/"} {

 

pool MY_POOL_A

 

}

 

else {

 

default

 

}

 

}

 

}

 

 

 

 

 

 

This rule or similar, it's might work?

 

 

 

Regards

 

 

 

A. Diezma

 

 

 

2 Replies

  • Hi,

    If you define an address data group named allowed_clients_dg with the two IP addresses, you can use an iRule like this to block requests to a specific URI made from clients not in the data group:

    
    when HTTP_REQUEST {
    
     Check for requests to the restricted URI
    if { [HTTP::uri] starts_with "/abc/dfg/"} {
    
     Check if the client IP is not in the allowed clients data group
    if {![class match [IP::client_addr] equals allowed_clients_dg]}{
    
     Send a 403 response
    HTTP::respond 403 content {blocked!
     
      
     Aaron
  • It's worked!!

     

     

    Certainly, the irules are very useful

     

     

    Aaron, Thank you so much.

     

     

    Antonio