GairyS_265386
Oct 12, 2016

iRule to block URL by IP addresses in Network Firewall Address List

We are currently using an iRule to drop HTTP/HTTPS connections to Exchange (anything but OWA) using an iRule and a white list of IP addresses. We recently added an Office 365 connector, and now the white list is being updated monthly with adds/drops for IPs and ranges. Is it possible to create a list of IP addresses in the Network Firewall Address List, then reference that list in an iRule? I'm currently using a text file for the white list that I currently use "modify ltm data-group internal...." to modify. Or is there a way to use the Network Firewall to create a rule to allow /owa but block /ews and /rpc based on the white list?

 

2 Replies

  • Not that I'm aware of. AFM and iRules are separate.

     

    Datagroups are the best way to use the list in iRules and you are already using it.

     

    -Jinshu
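
The data-group approach described in the reply above, as an added example that is not part of the original thread or anyone's production iRule: OWA stays reachable from any source, and every other Exchange path is dropped unless the client address matches an address-type data group. The data group name `exchange_whitelist_dg` is hypothetical.

```tcl
# Added example (not from the thread).
# Assumes an address-type data group named exchange_whitelist_dg
# (hypothetical name) holding the allowed hosts and ranges.
when HTTP_REQUEST {
    # Lower-case the path so /EWS and /ews are treated the same
    set path [string tolower [HTTP::path]]

    # OWA is open to everyone. Match "/owa" exactly or as a directory
    # prefix so that a path such as "/owa-other" is not allowed by accident.
    if { ($path equals "/owa") || ($path starts_with "/owa/") } {
        return
    }

    # Everything else (/ews, /rpc, ...) requires a whitelisted source address
    if { not [class match [IP::client_addr] equals exchange_whitelist_dg] } {
        log local0. "Dropped [IP::client_addr] requesting [HTTP::host]$path"
        drop
        return
    }
}
```

Because the iRule only references the data group by name, the monthly adds and drops change the data group records and leave the iRule itself untouched.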

     

  • You can use ACL::action to provide a level of iRule interaction with AFM and change AFM ACL actions based on iRule logic. So you may be able to have an AFM rule to drop certain traffic but override that if, for example, the source matched a whitelist checked from an iRule.

     

    https://devcentral.f5.com/wiki/irules.acl__action.ashx