Eric_Lenington_
Feb 12, 2014
Solved

Datagroup / Access class match not working.

I have the following iRule and the redirect is working well. However, I want to restrict the clients that connect. Can someone help me out with a recommendation? I have tried the below addition to no avail. iRule works fine with just redirect:

 

    when HTTP_REQUEST {
        HTTP::redirect http://my.website.com/main/MWS-autologin.cfm?x=testing123four
    }

 

iRule rejects everyone with the below applied. I have a datagroup I set up with the GUI to allow the 10.0.0.0/24. When I source traffic from the 10.0.0.0/24, I see a reset-0 message in my firewall. When I source traffic from outside the 10.0.0.0/24, I see a reset-I message in my firewall. This confirms that the iRule is doing something, just not what I want it to.

 

    when CLIENT_ACCEPTED {
        if { [class match [IP::client_addr] equals desired-clients] } {
            forward
        } else {
            discard
        }
    }
    when HTTP_REQUEST {
        HTTP::redirect http://my.website.com/main/MWS-autologin.cfm?x=testing123four
    }

 

  • Sets the connection to forward IP packets. This is strict forwarding and will bypass any pool configured on the virtual server.

     

    The request will be forwarded out the appropriate interface according to the routes in the LTM routing table. No destination address or port translation is performed.

     

    Try removing your forward command and changing up your iRule logic.

     

    when CLIENT_ACCEPTED {
        if { ![class match [IP::client_addr] equals mynetwork] } {
            discard
        }
    }
    when HTTP_REQUEST {
        HTTP::redirect http://my.website.com/main/MWS-autologin.cfm?x=testing123four
    }
    

    Hope this helps.

     

5 Replies

  • Arie

    Have you tried taking out the "forward"?

     

    when CLIENT_ACCEPTED {
        if { not ( [class match [IP::client_addr] equals desired-clients] ) } {
            discard
        }
    }
    
    • Eric_Lenington_
      Thank you, Michael, you have been a great help, although both answers ultimately were able to assist us.
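
A diagnostic variant of the iRule discussed in this thread, added here as an example and not written by any of the posters: it logs whether the data group exists and what `class match` returned before dropping the connection, so a data group problem can be told apart from the effect of `forward`. The data group name `desired-clients` and the redirect URL are taken from the question; the log message text is constructed.

```tcl
when CLIENT_ACCEPTED {
    # Data group name as used in the original question.
    set dg "desired-clients"
    set client [IP::client_addr]

    # A missing or misnamed data group is a different failure from an
    # address that simply does not match, so report it separately.
    if { ![class exists $dg] } {
        log local0. "allowlist: data group $dg not found, dropping $client"
        discard
        return
    }

    # Against an address-type data group, 'equals' matches when the client
    # address falls inside any listed host or subnet (e.g. 10.0.0.0/24).
    if { [class match $client equals $dg] } {
        log local0. "allowlist: $client matched $dg, continuing to HTTP_REQUEST"
    } else {
        log local0. "allowlist: $client not in $dg, dropping"
        discard
        return
    }
    # No 'forward' here: allowed connections stay on the normal path so
    # that HTTP_REQUEST fires and the redirect is sent.
}

when HTTP_REQUEST {
    HTTP::redirect "http://my.website.com/main/MWS-autologin.cfm?x=testing123four"
}
```

The `log local0.` lines write one entry per connection, so remove them once the match behaves as expected.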