Forum Discussion

Jim_Sellers_106

Nimbostratus

Oct 03, 2011

Path Based ACL Irule

Here is the scenario

I have 9 IP addresses that I want to allow to the following path but allow access to any other URL/URI on the server.

Lets just say 1.1.1.1 through 1.1.1.9

/npcaccounts/ManageAccount.aspx

/npcaccounts/ManageVendor.aspx

I have a few idea's in mind... creating a class for the sources and then creating a class for the paths. Any suggestions or help would be much appreciated.

12 Replies

Jim_Sellers_473
Nimbostratus
Oct 13, 2011
Well I am just trying only give access to a datagroup of IP addresses to a couple Admin type URL's and block any IP's that are not in the datagroup that try to access lets say /customer/ems*
Jim_Sellers_473
Nimbostratus
Oct 13, 2011
Here is the current method I am trying big thanks for Bhattman!!

ACL_EMSECOMMER_PROD is the datagroup I have setup with some IP addresses that need to be able to access /customers/ems*

when HTTP_REQUEST {

switch -glob [string tolower [HTTP::uri]] {

"/customers/ems/*"

{

if { not [class match [IP::client_addr] equals ACL_EMSECOMMERCE_PROD ] } {

discard

}

}

}

}

Forum Discussion

Path Based ACL Irule

12 Replies

Recent Discussions

snmp automatic stop mail send

BIG-IP DNS iRule issue with static variable

Using okta as SSO to login F5 GUI

(How) can I get two client certificates in one APM session?

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Related Content

iRule redirect based on hostname

Replace path in redirect

iRule - Prepend Path to URI

Redirect to different Pool based on URL

iRule assistance based on URI and source address