IP Address range in iRules - ACL's

Question

Hi Guys,&nbsp;
Just wondering if there was a way to specify IP ranges instead of subnets?&nbsp;
Essentially I want to specify in APM ACL's ranges such as 10.10.1.25-50 or 192.168.1.100-200 so not sure if you can do this in dynamic ACL within APM or iRules set on the LTM VS?&nbsp;
thanks,&nbsp;
B&nbsp;

thomas_gobet · Answer

Hi,
You have 2 choices : 
The first one is to use classes, and the second one is to use this : 
set ip [IP::client_addr]
set lastoctet [getfield $ip "." 4]
if { not ((($lastoctet &gt;= 25) &amp;&amp; ($lastoctet &lt;= 50)) || (($lastoctet &gt;= 100) &amp;&amp; ($lastoctet &lt;= 200)) } { 
  reject;
}

You have to use it into an iRule which will check the subnet first otherwise you will authorize everything ending by $lastoctet

bboyjnr_8532 · Answer

wow thanks for the speedy and perfect reply!&nbsp;
B&nbsp;

Forum Discussion

IP Address range in iRules - ACL's

2 Replies

Recent Discussions

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

SMS server with BIGIP

Related Content

Assistance with iRule using port ranges

iRule [string range...] not chunking data properly

Policy to forward to a range of ports

CSV to Address External Datagroup File

Decoding the IPv4 address from the persistence cookie