Mike_McCardle_1
Jan 03, 2007
Simple Drop rule help
I have the following iRule applied to one of the virtual servers on my F5, and what I wanted it to do was accept traffic only on the specified ports, and for all other requests to drop the packets. When I run Nmap against the IP address, it shows a large number of ports open. The virtual server does accept all ports, but it has the iRule applied. What am I doing wrong? Thanks.
    when CLIENT_ACCEPTED {
        # Fires once the client-side TCP connection has been accepted.
        # Listed local ports go to the pool; every other port is dropped.
        if { ([TCP::local_port] >= 6000 && [TCP::local_port] <= 6299) ||
             ([TCP::local_port] >= 177 && [TCP::local_port] <= 177) ||
             ([TCP::local_port] >= 21 && [TCP::local_port] <= 21) ||
             ([TCP::local_port] >= 389 && [TCP::local_port] <= 389) ||
             ([TCP::local_port] >= 48140 && [TCP::local_port] <= 48144) ||
             ([TCP::local_port] >= 2148 && [TCP::local_port] <= 2148) ||
             ([TCP::local_port] >= 13131 && [TCP::local_port] <= 13131) ||
             ([TCP::local_port] >= 22 && [TCP::local_port] <= 22) } {
            pool SD4_Mgmnt
        } else {
            drop
        }
    }