Restrict the HTTP access by ip address in data group

Question

I want to restrict the access to the Web server by iRule with data group.
There is a data group "testclient".&nbsp;
I made irules(with some restriction) like below.
When the client ipaddress in "testclient" accesses, can it access to the server in pool A?   
&nbsp;

when HTTP_REQUEST { &nbsp;
if { [HTTP::header exists "X-True-IP"] } {
  set clientip [HTTP::header "X-True-IP"]
 } else {
  set clientip [IP::client_addr]
 }&nbsp;
set uri [ string tolower [HTTP::uri]]&nbsp;
if {([matchclass [IP::client_addr] equals $::testclient])}{
 pool A
 } else { 
 pool B
    } 
 }&nbsp;

stanislas_piro2 · Answer

what version are you working on?&nbsp;
matchclass command is deprecated since version 10 and not working anymore in version 11.X and above.&nbsp;

stanislas_piro2 · Answer

What is the goal of x-true-ip header and uri conversion to lowercase? It is not used in your condition!
when HTTP_REQUEST { 
    if {([class match [IP::client_addr] equals testclient])}{
 pool A
 } else { 
 pool B
    } 
 }

Forum Discussion

Restrict the HTTP access by ip address in data group

2 Replies

Recent Discussions

Failed to convert character dclid=%EDclid!

ASM - Parent policy vs OWASPcompliance

Rewrite uri translation not working

CONNECTION IS LOST DUE TO SELF IP IS DELIVERED

APM OCSP Responder Issues

Related Content

Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header

Restricting access to a virtual server by Public IP address should access through only domain name.

Office 365 Tenant Restrictions

SSL Orchestrator Advanced Use Cases: Enabling GCloud Organization Restrictions

Federated AWS Console Access Made Easy: F5 BIG-IP Access Policy Manager Access Guided Configurations