winifred_corbet
Jun 24, 2010Nimbostratus
Block traffic by IP address and Allow external access by domain name?
Currently we have an irule in place that allows traffic to specific URLs, by allowing the interal IP addresses only.
Now we need to allow very specifc external domains in (we cannot get an IP range), like akamai.net, how would we accomplish that?
This is what we have now:
when HTTP_REQUEST {
if {([matchclass [HTTP::uri] starts_with $::securePaths]) and not ([matchclass [IP::client_addr] equals $::our_internal_ips])}{
log local0. "Untrusted IP ([IP::client_addr]) attempting to access secure path ([HTTP::uri])"
discard
} else {
log local0. "Allowing connection from [IP::client_addr] to [HTTP::uri]"
}
}