This iRule looks good. Maybe just add a [string tolower [HTTP::uri]] in your if statemement:
when HTTP_REQUEST {
if { [matchclass [string tolower [HTTP::uri]] starts_with $::legacyPaths] } {
checked for matchclass == legacyPaths and forward to Legacy_http_pool
snat 172.23.0.60
HTTP::header insert X-Forwarded-For [IP::remote_addr] this was done to test i am trying to do it using http profile..
used for debub
HTTP::redirect http://www.google.com
pool Legacy_http_pool
} else {
when uri matches admin in Literatum check for source ip
if { [string tolower [HTTP::uri]] starts_with "/admin" and (not [matchclass [IP::remote_addr] equals $::Admin]) } {
path for admin uri but not internal IP
log local0. "External IP ([IP::remote_addr]) attempting to access admin path ([HTTP::uri])"
HTTP::redirect http://redirect.com/404.html
} else {
pool Stage_http_pool
}
}
}
X-Forwarded-For header will be insert in your request after it goes through the BIGIP. So if you want to check this header you need to have a look between the BIGIP and the web server