Forum Discussion

11 Replies

  • Hello yuanqiang,

     

    Can you clarify your idea?

     

    May be you want to filter the source IP addresses from which the virtual server accepts traffic.

     

    Regards,

     

    Preslav

     

  • eben's avatar
    eben
    Icon for Nimbostratus rankNimbostratus

    Hi yuanqiang,

     

    If I get your question right, you don't want VS to be accessed using IP address, only the use of domain name for the VS yes?

     

  • Hamish's avatar
    Hamish
    Icon for Cirrocumulus rankCirrocumulus

    If it's the latter )only access via domain name and not IP), you could try looking at the host: header. It SHOULD be filled in with the site name from the URL that was typed...

     

    I'm not sure whether you'll get any false readings (Positive or Negative) from that, but convention says it will mostly do what you want. No guarantees though because it's up to the browser to fill in that header correctly. Of course if it doesn't other things will probably break, so you may be in luck.

     

  • Hi yuanqiang This should get the job done.

    when HTTP_REQUEST{
    if {[HTTP::host] equals "
    }
    

    }

    HTH Regards

    Eben.

    • yuanqiang_22112's avatar
      yuanqiang_22112
      Icon for Nimbostratus rankNimbostratus
      @eben,thank you ! Maybe I can try this irules again ,right ?

      when HTTP_REQUEST{ if {[HTTP::host] equals " log.local0 "connection dropped from client for accessing [HTTP::host]" }else{ drop }

       

      }
    • Jad_Tabbara__J1's avatar
      Jad_Tabbara__J1
      Icon for Cirrostratus rankCirrostratus

      @Yuanqiang this will not work since you are dropping all requests that don't come with

      also the command you need to correct the following line

      log local0. "connection dropped from client for accessing [HTTP::host]"

  • eben's avatar
    eben
    Icon for Nimbostratus rankNimbostratus

    Hi yuanqiang This should get the job done.

    when HTTP_REQUEST{
    if {[HTTP::host] equals "
    }
    

    }

    HTH Regards

    Eben.

    • yuanqiang_22112's avatar
      yuanqiang_22112
      Icon for Nimbostratus rankNimbostratus
      @eben,thank you ! Maybe I can try this irules again ,right ?

      when HTTP_REQUEST{ if {[HTTP::host] equals " log.local0 "connection dropped from client for accessing [HTTP::host]" }else{ drop }

       

      }
    • Jad_Tabbara__J1's avatar
      Jad_Tabbara__J1
      Icon for Cirrostratus rankCirrostratus

      @Yuanqiang this will not work since you are dropping all requests that don't come with

      also the command you need to correct the following line

      log local0. "connection dropped from client for accessing [HTTP::host]"

  • Hello Yuanqiang,

    It is better to check in your irule the FQDN and based on the FQDN drop or do nothing.

    when HTTP_REQUEST {
    
        if { ! ( [string tolower [HTTP::host]] eq "app.domain.com" ) } {
            drop 
            log local0. "connection dropped from client for accessing [HTTP::host]"
        }
    }
    

    By doing this, you prevent clients to connect via IP directly and also via other FQDN (if they changes their host file for example).

    Hope it helps

    Regards

  • I'd recommend using a Local Traffic Policy (Local Traffic ›› Policies : Policy List)

     

    Introducing Local Traffic Policies

     

    This discusses creating a Local Traffic Policy that examines the Host header for a specific value - you can redirect or drop requests that do not match your criteria.