script for port 443 and 50000-59999

Question

Hello forum, 
&nbsp; I have an iRule as below: 
&nbsp;  when CLIENT_ACCEPTED {  
&nbsp;     if {  [TCP::client_port] &lt; 50000 or  [TCP::client_port] &gt; 59999}{  
&nbsp;        drop  
&nbsp;     }  
&nbsp;  }  
&nbsp;  
&nbsp; This will allow ports 50000-59999 to be served. I also have port 443 need to serve too. 
&nbsp;  
&nbsp; Does this iRule works on 443 and 50000-59999 ports? 
&nbsp; I think it works well for port 50000-59999, but I don't know how to get it works for port 443 also. 
&nbsp; Help please. 
&nbsp; Thanks,

hooleylist · Answer

I think you want to check TCP::local_port not TCP::client_port.  TCP::client_port is the source port. 
  
 You can check for the ports you want to allow using this: 
  
 ([TCP::local_port] &gt;= 50000 &amp;&amp; [TCP::local_port] &lt;= 59999) || [TCP::local_port] == 443) 
  
 And you can logically NOT that to drop everything else:

when CLIENT_ACCEPTED { 
  
     Check requested port 
    if { ! (([TCP::local_port] &gt;= 50000 &amp;&amp; [TCP::local_port] &lt;= 59999) || [TCP::local_port] == 443)}{ 
  
        Request was to an disallowed port, so drop it 
       drop 
    } 
 }

Aaron

Forum Discussion

script for port 443 and 50000-59999

1 Reply

Recent Discussions

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

SMS server with BIGIP

F5 terminal - help to run commands - disk space full

Related Content

About script

Cross Site Scripting (XSS) Exploit Paths

Export Virtual Server Configuration in CSV - tmsh cli script

Collect all partitions all type wideip and its pools members status with tmsh script

Python script to test if a F5 BIG-IP is vulnerable to cve-2023-46747