Forum Discussion

DarkSideOfTheQ_'s avatar
DarkSideOfTheQ_
Icon for Nimbostratus rankNimbostratus
Sep 16, 2009

Restrict access based off source network

Hello All,

Sanity check...I'm trying to block access to specific pages based off the source network the client is coming from. The rest of the site should remain available to anyone. I *think* I've got the irule down, but am not 100% sure and would appreciate some more knowledgeable input.

Pages to block:

http://our.domain.com/templates/Test.jsp

http://our.domain.com/templates/Stats.jsp

Data Group "internal-ips"

1.1.1.0/24

2.2.2.0/24

3.3.3.0/24

 
 when HTTP_REQUEST { 
    if {  ([HTTP::uri] contains "Test.jsp") or ([HTTP::uri] contains "Stats.jsp") and not ([matchclass [IP::client_addr] equals [$::internal-ips]]) } { 
       discard 
    } 
 } 
 

TIA,

DarkSide

19 Replies