Forum Discussion
Ben_95489
Oct 05, 2010Nimbostratus
Hey Derek,
This is definitely possible. In fact, I did something not entirely dissimilar. Check out some of the address-related commands here: http://devcentral.f5.com/wiki/default.aspx/iRules/IP.html
You can do the matching in the rule for fairly small addresses, but it is probably better to use matchclass (http://devcentral.f5.com/wiki/default.aspx/iRules/matchclass.html) for this. Here's roughly what the rule I put together looked like:
when HTTP_REQUEST {
if { [HTTP::uri] starts_with "/leet/adminz/"} {
if { [matchclass [IP::client_addr] equals $::Allowed_Addresses] } {
log local0. "[IP::client_addr] matched, allowing access."
}
else {
log local0. "[IP::client_addr] did not match, redirecting user agent."
HTTP::redirect "/"
}
}
}