Forum Discussion

Justin_106597's avatar
Justin_106597
Icon for Nimbostratus rankNimbostratus
Jan 15, 2015

irule to allow clients listed in data group and drop other clients and also allow all clients only within a specific port range?

We have a forwarding ip vserver that currently has an irule that references a data group to check if the client ip exists in the data group, if it does it forwards the traffic to the server else it drops. This ensures users can't bypass the f5 and access the server(s) directly unless your an admin.

 

I now need to edit this irule to allow any client to access these servers only on ports 50,000 to 59,999 ports.

 

Is it possible to have the irule allow admins to access these servers if they are in the data group but drop other clients and allow all clients only on ports 50,000 to 59,999

 

18 Replies