John_Cassidy_13
Feb 21, 2014Nimbostratus
IP and HTTP Events iRule
We have a new web app that we want to lock down to not only source IP address but also the web URI. Each customer has a different interface on the web app so we want to send requests to a different pool based on URI. However, we do not want customer A gaining access to customer B's site, thus the source IP address lookup.
Below is what I tried to do on a first attempt. Is there a way to do this when the client connects and not every HTTP request?
when HTTP_REQUEST {
if { [matchclass $::CustA_Source_IPs contains [IP::client_addr]] and [HTTP::uri] eq "/custa" } {
pool CustomerA_Pool
}
elseif { [matchclass $::CustB_Source_IPs contains [IP::client_addr]] and [HTTP::uri] eq "/custb" } {
pool CustomerB_Pool
}
else {
drop
}
}