Forum Discussion
DarkSideOfTheQ_
Sep 17, 2009Nimbostratus
Now I've gone and broke things....
This works:
when HTTP_REQUEST {
if { [HTTP::uri] contains "Test.jsp" or [HTTP::uri] contains "Stats.jsp" }{
if {not [matchclass [IP::client_addr] equals $::ips_internal]} {
log local0. "[IP::client_addr]:[TCP::local_port]: Matched IP check. Discarding request to [HTTP::uri]"
discard
}
}
}
In anticipation of them adding more pages they want secured, I tried the '-glob' mechanism, but the GUI tells me "line 5: [missing an expression] [ ]" but not sure what's missing???
when HTTP_REQUEST {
switch -glob [HTTP::uri] {
"Test.jsp" -
"Stats.jsp"
if {not [matchclass [IP::client_addr] equals $::ips_internal]} {
log local0. "[IP::client_addr]:[TCP::local_port]: Matched IP check. Discarding request to [HTTP::uri]"
discard
}
}
}
Help is appreciated, my irule kung-fu isn't so strong. 🙂
-DarkSide