Need IP restrict 9.x irule on 4.x

Question

This is my basic 9.x rule 
 when CLIENT_ACCEPTED { 
 if {[matchclass [IP::client_addr] equals $::] || [matchclass [IP::client_addr] equals $::]}{ 
 } else { 
 discard 
 } 
 } 
  
 and the datasource class contains IP's and Networks 
 If I could get a example of using classes in the 4.x then I think I could move forward. 
 This is what I have so far. 
  
 if (client_addr == one of ) { 
 pool  
 } 
 else { 
 discard 
 } 
 } 
  
 But I don't think it works.

the_bhattman · Answer

It looks like you have the same type of conditional evaluation of the IP::client_addr 
  
 Try slimming it down to the following:

when CLIENT_ACCEPTED {  
    if { [matchclass [IP::client_addr] equals $::] }{  
    } else {  
    discard  
    }  
  }

I hope this helps 
 CB

ryan_rowe_79249 · Answer

So it is going to be the same for 4.x irule?

the_bhattman · Answer

Unfortunately I never used rules on v4.x when dealing with rules, only v9.x and up.

hooleylist · Answer

You should be able to use this format where aol_class is a class of AOL IP addresses/networks. 
&nbsp;  
&nbsp; https://support.f5.com/kb/en-us/products/big-ip_4_x/manuals/product/bigip4_6_2ref/BIGip_rules.html1183277 
&nbsp;  
&nbsp; if (client_addr equals one of aol_class) { 
&nbsp; use pool aol_pool 
&nbsp; } 
&nbsp; else { 
&nbsp; use pool other_pool 
&nbsp; } 
&nbsp;  
&nbsp; Aaron

Forum Discussion

Need IP restrict 9.x irule on 4.x

4 Replies

Recent Discussions

F5 Rseries HA

Need advise to setup a policy on F5

F5 Rseries R2600 Tenant sizing

Can iRule mask the payload content on event logs of security

Pricing when used with aws waf

Related Content

Restrict Traffic To VIP By Subnet

iRule - Restricting IP addresses for a portion of URI

Irule for restricting selected ips for NOT USING TLSV1 and 1.1

Restrict access to virtual server during specified time

Restricting AD Authentication to Authorized Users Only