Discard packet with source ip address on one pool

Question

I am new in iRules so I need help. 
&nbsp;  
&nbsp; Ok I have two sets of proxy servers. 
&nbsp;  
&nbsp; First set of proxy servers are defined as pool X, and another as pool Y. 
&nbsp;  
&nbsp; Currently I use irule which does http inspection  
&nbsp;  
&nbsp; if {([HTTP::uri] starts_with "http_uri1") or 
&nbsp;     ([HTTP::uri] starts_with "http1_ur2") or 
&nbsp;     ([HTTP::uri] starts_with "http2 uri3") } { 
&nbsp;      
&nbsp;   pool X 
&nbsp; } 
&nbsp; else { pool Y } 
&nbsp; }  
&nbsp;  
&nbsp; Packets with source ip address range 172.16.0.0/16 should go only to pool X. Every other packet with different source address should pass http inspection an be routed according current irule. 
&nbsp;  
&nbsp; Thanks in advance.

hooleylist · Answer

Hi, 
  
 Here is an example to get you started:

when CLIENT_ACCEPTED { 
  
     Check if client is part of 172.16.0.0/16 network 
    if {[IP::addr [IP::client_addr] equals 172.16.0.0/16]}{ 
  
        IP matched, so select pool_X 
       pool pool_X 
  
        Prevent the HTTP_REQUEST event from firing 
       event HTTP_REQUEST disable 
    } 
 } 
 when HTTP_REQUEST { 
  
     Check the requested URI 
    switch -glob [HTTP::uri] { 
       "/http_uri1" - 
       "/http_uri2" - 
       "/http_uri3" { 
           Matched URI check so use pool_X 
          pool pool_X 
       } 
       default { 
          pool pool_Y 
       } 
    } 
 }

Aaron

Forum Discussion

Discard packet with source ip address on one pool

1 Reply

Recent Discussions

preserve client IP on layer 4 VIP

Failed to convert character dclid=%EDclid!

ASM - Parent policy vs OWASPcompliance

Rewrite uri translation not working

CONNECTION IS LOST DUE TO SELF IP IS DELIVERED

Related Content

Automating Packet Captures on BIG-IP

F5 packet buffer

Decoding the IPv4 address from the persistence cookie

CSV to Address External Datagroup File

SNAT IP address logging