Don_24935
Sep 29, 2008Nimbostratus
Whitelist
I'm looking into the ability to use Whitelists with v9, can it be done? If so, how could I go about setting them up. Thank you for your help.
We want to filter the whitelist by url and not ip address.
For example.
www.testlab.com/pass
Allows all ip addresses to pass to this host.
www.testlab.com/fail
Allows only certain ip addresses to pass to this host.
when HTTP_REQUEST {
log local0. "---------NEW REQUEST--------------"
log local0. "uri is: [HTTP::uri]"
log local0. "IP is: [IP::remote_addr]"
if { [string tolower [HTTP::path]] starts_with "/FOO" } {
log local0. "Starting uri with /FOO"
if {([IP::addr [IP::remote_addr] equals 10.12.126.248/255.255.255.255]) or
([IP::addr [IP::remote_addr] equals 10.12.126.249/255.255.255.255]) or
([IP::addr [IP::remote_addr] equals 10.12.126.250/255.255.255.255]) or
([IP::addr [IP::remote_addr] equals 10.32.186.0/255.255.252.0]) or
([IP::addr [IP::remote_addr] equals 10.34.186.0/255.255.252.0]) or
([IP::addr [IP::remote_addr] equals 10.24.69.2/255.255.255.255])
} {
log local0. "sending to pool FOO.COM"
pool FOO.COM-80
} elseif {[IP::addr [IP::remote_addr] equals 10.0.0.0/255.0.0.0] } {
log local0. "Redirecting user..."
HTTP::redirect "http://www.NEW.com"
}
} elseif {[IP::addr [IP::remote_addr] equals 10.0.0.0/255.0.0.0] } {
log local0. "Redirecting user..."
HTTP::redirect "http://www.NEW.com"
} else {
log local0. "No matched occured for this request"
}
}