Forum Discussion

msaunders's avatar
msaunders
Icon for Nimbostratus rankNimbostratus
Jul 26, 2017

If not path1 or path2 irule issue

Having a tough time with if/or. Any help is appreciated!!! This is close, but not working:

When request is from a public IP if the path is not /carinfoapi_usertest or /carinfoapi_dev, drop the packets otherwise, allow any path

when HTTP_REQUEST{ switch -glob -- [string tolower [HTTP::host]] { "host.domain.com"{ if { ! ([class match [IP::client_addr] equals private_net ]) }{ if { ! ( [string tolower [HTTP::path]] starts_with "/carinfoapi_dev" || "/carinfoapi_usertest" ) }{ reject } else { pool host.domain.com_pool } } else { pool host.domain.com_pool } return }

                                        }
                }

1 Reply

  • Figured it out. For some reason, the nested 'if' was causing an issue. Combining into one statement works:

     

    when HTTP_REQUEST{ switch -glob -- [string tolower [HTTP::host]] { "host.domain.com"{ if { ! ([class match [IP::client_addr] equals private_net ]) && ! ([string tolower [HTTP::path]] starts_with "/carinfoapi_dev" || [string tolower [HTTP::path]] starts_with "/carinfoapi_usertest" ) }{ reject } else { pool host.domain.com_pool } return }}}