using irule and datagroup to allow/restric access to http::path
I want to use an irule to select the pool based on http::path; and i also need to restrict access to certain parts (namely /em and /console ) with an IP-allowed datagroup. The irule appears to not work & i dont know what is going wrong. If i remove the 'datagroup' part it works; but everyone is allowed access. i need to restrict that to /em and /console.
In the OBIEE-Allowed_access is 1 datagroup (network) witth in in 192.168.0.0/16 & 1 dedicated test ip.
when HTTP_REQUEST { if { [HTTP::path] equals "/" } { HTTP::redirect "/analytics/" } if { [HTTP::path] starts_with "/analytics" } { log local0. " .. starts_with /analytics" pool BI02-9003-Pool } if { not ([class match [IP::client_addr] equals OBIEE_Allowed_Access]) } { log local0. "[IP::client_addr] is not permitted to site /EM or /CONSOLE" drop } if { [HTTP::path] starts_with "/em" } { log local0. " .. starts_with /em" pool BI02-9001-Pool } if { [HTTP::path] starts_with "/console" } { log local0. " .. starts_with /console" pool BI02-9001-Pool } }
Thanks!