iRule to block IP and URL

Question

Hi,
I want an iRule to block a set of IP's hitting a set of url's and log the blocking
Could you please check the below iRule and update if any error.
when HTTP_REQUEST {

set url [HTTP::host][HTTP::uri]

if {[class match $url contains blocklist_url] and [class match [IP::client_addr] equals restrict_ip]} {

drop
 log local0. "Blocking clientIP:[IP::client_addr] trying to access $url"
 }
}

lee_sutcliffe · Answer

The variable $url will not contain the protocol (HTTP or HTTPS)&nbsp;
It will contain a value such as this:&nbsp;
&nbsp;
This isn’t an issue but you need to make sure you have configured your data group to use this format. &nbsp;
Other than that, looks ok. Just try it!&nbsp;

youssef1 · Answer

Hi,&nbsp;
It looks ok, you confirm that you ant to block a specific IP AND URL (AND and not OR)?&nbsp;
You can also achieve your need using ltm Policy...&nbsp;
regards&nbsp;

Forum Discussion

iRule to block IP and URL

2 Replies

Recent Discussions

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Stable Firmware for F5

Related Content

MS Exchange ProxyNotShell block implemented via iRules

Block traffic

iRule - Block part of a query

domain blocking

Block IP after a number of ASM Blocks