Allowing specific source to specific uri and deny rest all
Hi All, We need an irule that can allow only specific source IP’s to access specific URI and deny to others. For example Data Group Source IP: 10.1.1.1 [DG1] URI: https://www.testdev.com/services/user1.html
Action: Allow
Data Group Source IP: 10.2.1.1 [DG2] URI: https://www.testdev.com/services/user2.html
Action: Allow
Data Group Source IP: 10.3.1.1 [DG3] URI: https://www.testdev.com/services/user3.html
Action: Allow
Source IP: Any
Action: Block all
Below is the irule that I am using, but no luck
when HTTP_REQUEST { if { [class match [IP::client_addr] equals DG1] } { HTTP::redirect " ;
if { [class match [IP::client_addr] equals DG2] } { HTTP::redirect ";
if { [class match [IP::client_addr] equals DG3] } { HTTP::redirect ";
if {[HTTP::uri] contains "/" || [HTTP::uri] contains "services"} { if {not[class match [IP::client_addr] } { log local0. " Blocked src=[IP::client_addr] src_port=[TCP::client_port],agent= HTTP::header value User-Agent]"
return
} }
Thanks..