I-rule not working

Question

Hi &nbsp;
 &nbsp;
I have a i-rule to allow multiple ports but for some reason it's not working... i can connect on any port&nbsp;
when CLIENT_ACCEPTED {  &nbsp;
    if {  [TCP::client_port] == 8300 or  [TCP::client_port] == 8301 or [TCP::client_port] == 8401 or [TCP::client_port] == 8881 or [TCP::client_port] == 8880 or [TCP::client_port] == 8731 or [TCP::client_port] == 8732 or [TCP::client_port] == 4353 or [TCP::client_port] == 8733 or [TCP::client_port] == 8525 } {  &nbsp;
       drop  &nbsp;
    } &nbsp;
 }&nbsp;

what_lies_bene1 · Answer

More than two 'or' statements really isn't manageable. Can I suggest you create a Data Group of the ports you want to deny and use this;
when CLIENT_ACCEPTED { if { [class match [string [TCP::client_port] equals denied-ports ] } { drop } }

what_lies_bene1 · Answer

Actually, I think it should be TCP::local_port; 
 when CLIENT_ACCEPTED {
 if { [class match [string [TCP::local_port] equals denied-ports ] } {
   drop }
}

Forum Discussion

I-rule not working

2 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

i-rule header insert - APM

I-rule for adapt request "response page"

F5 iRUule not working

How do I know the rule name of the blocked rule ID in AWS F5 WAF?

monitor does not work https