Project Chain Links Challenge 2: Modifying a Codeshare Example
For the background and introduction to this series, click here. The TL;DR for Project Chain Links is to:
- Present a clear problem to solve
- Make sure the problem is small enough to tackle quickly
- Provide a solution a few days later for validation
And with that, let's get on with it!
Challenge #2
The background: A coworker is trying to create some basic access controls for a web application and finds a codeshare entry on DevCentral that looks like it will fit the need.
The problem: The codeshare entry is quite dated, and was tested for BIG-IP version 9.4. You run BIG-IP version 14.1, so you need to research the iRule presented in the codeshare entry:
- Will it work as is?
- If it doesn't work, what are the minimal changes you will have to make?
Solution: Your solution should result in a functional iRule and any other helper objects that successfully blocks access to your web app if not sourced from any of five different IP address ranges.
Bonus challenge:
- Alter the solution to support 20 different IP address ranges, if necessary
- Alter the solution again to support 100 different IP address ranges, if necessary
- Alter the solution to only block access to the web app based on source IP if the URL begins https://www.nerdknobs.local/admin-portal/
Questions for understanding:
- In what situations should you analyze and potentially refactor iRules?
- How might you use the iRules documentation to inform your refactoring efforts?
- How might you use performance testing to inform your refactoring efforts?
Published Jan 22, 2020
Version 1.0