Forum Discussion
tran_93981
Nimbostratus
I want to do:
- if a user is on the trusted network segment, the user can access www.company.com and any URI after that
- if a user is on the untrusted network segment, the user can access www.company.com
- if a user is on the untrusted network segment and the user is trying to access to www.company.com/user then he will be redirected to www.company.com
- if a user is on the untrusted network segment and the user is trying to access to www.company.com/xyz/user, the user will be redirected to www.company.com/xyz
After reading Nitass's answer and looking up more on devcentral, I have the iRule code to achieve those and it seems to work:
when HTTP_REQUEST {
if the request is from the trusted network segments
if {[IP::addr [IP::client_addr] equals 10.10.10.3/32] or [IP::addr [IP::client_addr] equals 10.55.88.0/24]} {
log local0. "First IF"
pool seattle-only
return
}
if the request is from untrusted network segment
switch -glob [string tolower [HTTP::path]] {
"/user" {
log local0. "1st SWITCH PATH:[HTTP::path] URI:[HTTP::uri]"
HTTP::redirect "http://[HTTP::host]"
}
"/*/user" {
set new_uri [getfield [HTTP::uri] "/" 2]
log local0. "WILD CARD SWITCH PATH:[HTTP::path] URI:[HTTP::uri] NEW_URI: $new_uri"
HTTP::redirect "http://[HTTP::host]/$new_uri"
}
default {
log local0. "DEFAULT: PATH:[HTTP::path] URI:[HTTP::uri]"
pool seattle-only
}
}
}
Thanks,
What_Lies_Bene1
Jun 11, 2014Cirrostratus
OK, brilliant, job done! Cheers