Forum Discussion
JG
Nov 02, 2019Cumulonimbus
Try the following:
when HTTP_REQUEST {
if { ([string tolower [HTTP::uri]] starts_with "/admin") && not ([IP::addr [IP::client_addr] equals 192.168.0.0/16]) } {
drop
} else {
pool prd-pl-company
}
}
.
- Mark_GallagherNov 04, 2019Altocumulus
Thanks for the input JG. I did try this (also with an exclamation point outside the parentheses) and it doesn't seem to match. I have definitely been able to get the match to work with a large list of /32 addresses, but never the /16.
This what I tried as far as what they were recommending in a KB for efficient subnet matching:
when HTTP_REQUEST { if {( [string tolower [HTTP::uri]] contains "/admin") && (not[IP::addr [IP::remote_addr] equals 192.168.0.0/255.255.0.0])} { HTTP::respond 503 content {