redirect if hosts are on the external segment
I am trying to write the iRules to achieve these: * If users are on the trusted network segment, they can view and edit the page http://www.mycompany.com/ and any URI after www.mycompany.com * If users are on the un-trusted network segment and they are trying to access http://www.mycompany.com/user, they are redirected to http://www.mycompany.com/ * If users are on the un-trusted segment and they are trying to access http://www.mycompany.com/department1/user, or http://www.mycompany.com/department2 and so on, they are redirected to http://www.mycompany.com/department1, http://www.mycompany.com/department2, etc... respectively
Here is my iRules: when HTTP_REQUEST { if {[IP::addr [IP::client_addr] equals 10.10.10.5/32] or [IP::addr [IP::client_addr] equals 192.168.100.0/24]} { log local0. "First IF" pool seattle-only } elseif {([HTTP::uri] starts_with "/user")} { log local0. "First Elseif" HTTP::redirect "http://[HTTP::host]" } elseif {([HTTP::uri] starts_with "/*/user")} { log local0. "SECOND ElseIf" set new-uri [getfield [HTTP::uri] "/" 2] log local0. "2nd elseif $new-uri" HTTP::redirect "http://[HTTP::host]/$new-uri" } else { pool seattle-only log local0. "LAST ELSE [HTTP::uri]" } }
I tested it and when I am on the untrusted network segment and trying to access http://www.mycompany.com/department1/user, I can still go straight to the http://www.mycompany.com/department1/user, my iRules does not redirect me to the http://www.mycompany.com/department1. So I think the statement ([HTTP::uri] starts_with "/*/user") does not work. But I am not sure why and how to fix it.
Do you have any suggestions?
Thanks,