Forum Discussion

Nimbostratus

Oct 05, 2010

need help figuring out a proxy irule

The below post has a bunch of good information that I think has me in the right direction. http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/aff/5/aft/1172576/afv/topic/asg/50/D...

Nimbostratus

Oct 05, 2010

Hey Derek,

This is definitely possible. In fact, I did something not entirely dissimilar. Check out some of the address-related commands here: http://devcentral.f5.com/wiki/default.aspx/iRules/IP.html

You can do the matching in the rule for fairly small addresses, but it is probably better to use matchclass (http://devcentral.f5.com/wiki/default.aspx/iRules/matchclass.html) for this. Here's roughly what the rule I put together looked like:

when HTTP_REQUEST {

if { [HTTP::uri] starts_with "/leet/adminz/"} {

if { [matchclass [IP::client_addr] equals $::Allowed_Addresses] } {

log local0. "[IP::client_addr] matched, allowing access."

}

else {

log local0. "[IP::client_addr] did not match, redirecting user agent."

HTTP::redirect "/"

}

Forum Discussion

need help figuring out a proxy irule

Recent Discussions

Wildcard SSL Certificate Deployment on F5 LTM

help irules for compatibilty

Grant access to users from F5 APM based on okta user group

iRule condition - request contains more than 10000 parameters

http protocol compliance

Related Content

Integrating SSL Orchestrator with McAfee Web Gateway-Transparent Proxy

Integrating SSL Orchestrator with CheckPoint Firewall VM-Explicit Proxy

SSL PROXY

F5 TCP Proxy mode

Integrating SSL Orchestrator with Symantec ProxySG: Explicit Proxy