Only licensed for LTM... am I missing something here?
Just want to whitelist a small list of networks and block access to the rest for a specific vip.
Yes I know I can use an irule, an irule with a data group, or a packet filter. http class seemed to be an easy way to do this in a more structured, easy to edit for those less experienced way.
Those gave way to local traffic policies, but I can't seem to find an operand for that.
Do I need to upgrade, or is this sort of thing moved into a different module now? Or are my choices irules or packet filters?
You should be able to put the source addresses into the source field in the Virtual Server.
I don't think this is possible with a local traffic policy. There are no IP-based operands. I see that the TCP operand has an "address" selector (v11.6) but there is no documentation on it's use and I recieved an error attempting to configure it with an IP address. It's down to packet filter, iRule, or AFM if you're licensed for that.
tried with 11.6 HF6, I'm not sure but quite sure that's working on 11.5 also.
Configured a policy that matches TCP Address AND some specific URI (If you wish to do that, like in my case).
The policy must include HTTP and TCP operands and forwarding "reset" action, or you can change URI or HOST or whatever :)