Johann_Araujo
Aug 19, 2013Nimbostratus
irule with source IP
Hi I new in F5, I need help to configure an IP irule with Origin, it is routed to a particular node with its respective port.
Thank for the help.
Hi I new in F5, I need help to configure an IP irule with Origin, it is routed to a particular node with its respective port.
Thank for the help.
Are you referring to a NAT or a virtual server implementation?
I mean A Virtual Server implementation. I need depending on what source IP Determined send a node without. thanks
Here's an example iRule:
https://devcentral.f5.com/wiki/iRules.AccessControlBasedOnNetworkOrHost.ashx
Or you could look at AFM for a fully featured firewall approach:
http://www.f5.com/products/big-ip/big-ip-advanced-firewall-manager/overview/
Aaron
A very basic implementation might look something like this:
Define an address-based data group. Example (my_ip_datagroup):
10.10.10.10 := 192.168.42.10 80
10.10.10.11 := 192.168.42.11 80
10.10.10.12 := 192.168.42.12 80
...
Create an iRule:
when CLIENT_ACCEPTED {
if { [class match [IP::client_addr] equals my_ip_datagroup] } {
node [class match -value [IP::client_addr] equals my_ip_datagroup]
}
}