Forum Discussion

yaoxu_11146's avatar
yaoxu_11146
Icon for Nimbostratus rankNimbostratus
May 30, 2008

is it possible to write ACL iRule for specified cell phone

our F5 is supporting a website that could be accessed by cell phone, and now i'm required to work out a iRule that could add ACL for cell phone(only specified cell phone could access this site). i know it's quite simple to do this for computers, but is it possible to do the same thing for cell phone?

 

anybody has similar experience?
application delivery
dev
devops
iRules

3 Replies

Sort By
  • Philippe_CLOUP's avatar
    Philippe_CLOUP
    Icon for Employee rankEmployee
    May 30, 2008
    Are those cell phones sending a non standard HTTP browser header, that we can identify ?

     

    You can then work with cookie insertion, to add special things for access control ?
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    May 30, 2008
    People have used iRules to select a special pool for WAP users (Click here). I'd be leery of using any unvalidated HTTP header as the only means to enforce an ACL though. A crafty client can set their user-agent or any other HTTP header to any value they want.

     

     

    This is something that's been publicized lately with t-mobile and the iphone:

     

    http://lifehacker.com/386168/get-free-wi+fi-access-on-your-laptop-at-starbucks-barnes-and-noble

     

     

    Aaron
  • Philippe_CLOUP's avatar
    Philippe_CLOUP
    Icon for Employee rankEmployee
    May 30, 2008
    as mentioned in my post, and in the same way aaron wrote,

     

    don't use the "user-agent" for your ACL.

     

    Use it to identify the cell-phones to direct them to special servers (where you can put smaller files and images), and if you need to identify the users, use something like client certificates or client authentication (ACA module on LTM), to force their authentication (and their "identification, of course ;-) )