Reflexive irule ACL?

Question

We have a linkcontroller and we would like to see if there is a reflexive type irule that can allow connections initiated/sourced from one host 10.3.3.3 to 10.4.4.4, but not connections initiated/sourced from 10.4.4.4 to 10.3.3.3? I checked the packet filter section but it doesn't seem to have the reflexive type features we are looking for. Thx!

the_bhattman · Answer

I suppose you can create the iRule that looks like the following

when CLIENT_ACCEPTED { 
   if { [matchclass [IP::client_addr] equals $::Hosts]} { 
     forward 
   } else  { 
     drop 
   } 
 }

Hope this helps 
  
 CB

Forum Discussion

Reflexive irule ACL?

1 Reply

Recent Discussions

google autenticator broken barcode

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Related Content

Protect your applications using F5’s Distributed Cloud and Fast ACL’s

iRules Style Guide

How to change ACL forbidden page?

Hey ChatGPT, can you write iRules?

POC: Validate JWT with iRule