tskeel_217567
Feb 23, 2016Nimbostratus
irule to restrict ftp and sftp destination
I need an irule to limit sftp and ftp destination ideally by hostname. If hostname is not possible I think IP would be ok.
This was my first attempt:
when CLIENT_ACCEPTED {
if { !([matchclass [IP::local_addr] equals FTPWhitelist]) }{
reject
}
}
I have one ip in FTPWhitelist but traffic to other sites is allowed.
Thanks