We ended up opening a support case with F5 and here is the iRule and data group syntax that we had to use.
when HTTP_REQUEST {
log local0. "path is [HTTP::path]"
set search_id [class startsearch blue_ACL]
while { [class anymore blue_ACL $search_id] } {
nextelement returns an array with two elements (for a string class, we just care about the first element)
set elem [class nextelement blue_ACL $search_id]
set elem [lindex $elem 0]
log local0. "elem is $elem"
if { [string tolower [HTTP::path]] matches_regex $elem } {
log local0. "$elem matched !"
return
}
}
HTTP::respond 200 content "PERMISSION DENIED TO: [HTTP::uri]"
}
The trick is that your datagroup (blue_ACL) strings need to be entered using REGEX notation. ( You will need to start each string with a "^" and for the / path (root), you need to enter "^/$".
^/$ (the $ means "end of string")
^/Dealer
^/Help
^/Image
^/Login
^/User
You also need to enter all the strings in lower case because of the " tolower" command, if they are upper case they won't match.
I appreciate everyones help but I just wanted to update the forum with what worked for us.