iRule and Data group URI wildcard matching not working
Hi All,
Can anyone let me know what the issue is here. I am trying to match using a wildcard or anything beyond the top level URI and it's not working
It seems the data group string is only specific only, and anything beyond that it doesn't work.
So what i am trying to do is look at the top level URI (/APP1), and if there is anything beyond that, allow. It should allow at the top level /APP1
and does not care any URI beyond that...
Example not working going beyond the top level URI /APP1:
HTTPS://mysite.com/APP1/ABC/123/home.html
We all know that a site does not end at just the top level /APP1/, as it can go beyond that with the other folders/URI. I just want to
match the top level, and allow anything beyond that. The irule seems to look for only /APP1/ and if you have /APP1/ABC/..... it does not work.
Match or wild card in data group:
/APP1/*
/APP2/*
/APP3/*
Is there a better way to do this within the irule itself for the URIs?
Thanks!
when HTTP_REQUEST {
if [class match [IP::client_addr] equals DG1-BLOCKED-SUBNETS] {
if { not ([HTTP::uri] equals DG2-ALLOWED-URIs]) } {
reject
}
}
}
ltm data-group internal DG1-BLOCKED-SUBNETS {
records {
10.100.100.0/24 { }
10.200.200.0/24 { }
}
type ip
}
ltm data-group internal DG2-ALLOWED-URIs {
records {
/APP1/* { }
/APP2/*{ }
/APP3/*{ }
}
type string
}