Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

The "IP::client address" in iRules drop packet from broadcast address or not?

 if ([class match [IP::client_addr] equals DATA_GROUP])
      forward
   }
 else{
      reject
 }


   DATAGROUP = 192.168.1.0/24

As the code above if the request from 192.168.1.255 coming in ... the iRules will reject the packet or forwarding?

Thank you

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

The iRule forwards it. Because if clause just check If it is in the specific subnet. The range of the above subnet is 192.168.1.0-192.168.1.255. This means 192.168.1.255 is in the specific subnet, then forward.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
when CLIENT_ACCEPTED {
if { [class match [IP::client_addr] equals DATA_GROUP] } {
forward
} else reject
}

forward

Sets the connection to forward IP packets. This is strict forwarding and will bypass any pool configured on the virtual server.

The request will be forwarded out the appropriate interface according to the routes in the LTM routing table. No destination address or port translation is performed.

If the client ip matches if condition, it forwards. In your case the ip comes in the /24 range. If it doesn't match, it rejects.

0