irule with source IP

Question

Hi I new in F5,  I need help to configure an IP irule with Origin, it is routed to a particular node with its respective port.&nbsp;
Thank for the help.&nbsp;

kevin_stewart · Answer

Are you referring to a NAT or a virtual server implementation?&nbsp;

johann_araujo · Answer

I mean A Virtual Server implementation. I need depending on what source IP Determined send a node without. thanks&nbsp;

hooleylist · Answer

Here's an example iRule:&nbsp;
https://devcentral.f5.com/wiki/iRules.AccessControlBasedOnNetworkOrHost.ashx&nbsp;
Or you could look at AFM for a fully featured firewall approach:&nbsp;
http://www.f5.com/products/big-ip/big-ip-advanced-firewall-manager/overview/&nbsp;
Aaron&nbsp;

kevin_stewart · Answer

A very basic implementation might look something like this:

Define an address-based data group. Example (my_ip_datagroup):
10.10.10.10 := 192.168.42.10 80
10.10.10.11 := 192.168.42.11 80
10.10.10.12 := 192.168.42.12 80
...

Create an iRule:
when CLIENT_ACCEPTED {
    if { [class match [IP::client_addr] equals my_ip_datagroup] } {
        node [class match -value [IP::client_addr] equals my_ip_datagroup]
    }
}

Forum Discussion

irule with source IP

4 Replies

Recent Discussions

google-visualization-issues

The best load balance method on this scenario?

SMS server with BIGIP

Geo Fence in ASM through irule for URI

Client certificate Authentication - open multiple tabs

Related Content

How to ensure source address and source port are accepted and traversed properly via F5 SNAT automap

F5 XC vk8s open source nginx deployment on RE

iControl Library For Java With Source

No Source configuration available when upgrading from 15.1.9.1 to 15.1.10.2

Hey ChatGPT, can you write iRules?