You can replace condition
[string tolower [HTTP::query]] contains "redirect=/admin"
with (this will search
redirect
parameter in query string and filter on the parameter value)
[string to lower [URI::query [HTTP::uri] redirect]] starts_with "/admin"
or
[string to lower [URI::query [HTTP::uri] redirect]] equals "/admin"
One other recommendation is to filter on HTTP::path instead of HTTP::uri if login string is in path part of the URI.
The final iRule can be:
when RULE_INIT {
set static::admin_datagroup "admin_datagroup"
}
when HTTP_REQUEST {
if {([HTTP::path] ends_with "/login/") && ([string to lower [URI::query [HTTP::uri] redirect]] starts_with "/admin")&& ! [class match [IP::client_addr] equals $static::admin_datagroup]} {
HTTP::respond 404
}
}