iRule to only allow private networks....
Hi, I have an iRule in place that is supposed to be rejecting all external network traffic coming into an LTM virtual server for a few select administrative pages. Someone on DevCentral had done something very similar to what I needed, so I took their iRule and adjusted for my needs. The iRule is as follows:
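    when HTTP_REQUEST {
        # Administrative paths, matched case-insensitively against the URI
        switch -glob [string tolower [HTTP::uri]] {
            "*/wp-admin/*" -
            "*/wp-login.php" -
            "*/phpmyadmin/*" -
            "*/wp-config.php" {
                # Reject clients whose address is not in the private_net data group
                if { !([class match [IP::client_addr] equals private_net]) } {
                    reject
                }
            }
        }
    }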
private_net is a data group that contains the class A, B and C RFC private networks. The issue is that we are having random people inside our network (10.x.x.x) having the iRule apply to their connections and they are unable to access the pages. I cannot find a reason why this is occurring. We did a Wireshark capture for someone that is being blocked and sure enough, you can see the source address is (10.x.x.x) but the iRule still kicks in.
Any ideas or insight into this issue would be greatly appreciated. Thanks.
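
One offline check for the data group described in the question, as an added example that is not part of the original post: it computes which parts of the RFC 1918 ranges a list of data group records leaves uncovered, and models the rule's allow/reject decision for a client address. It assumes private_net is an address-type data group matched by subnet containment; the function names and the GOOD and TYPO record lists are constructed for illustration and are not the poster's configuration.

```python
import ipaddress

# RFC 1918 ranges that the private_net data group is meant to contain.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_records(records):
    """Parse records written as CIDR, 'network netmask', or a bare host."""
    # strict=True raises ValueError when a record has host bits set.
    return [ipaddress.ip_network("/".join(r.split()), strict=True)
            for r in records]

def uncovered(records):
    """Return the parts of RFC 1918 space that no record covers."""
    covered = list(ipaddress.collapse_addresses(parse_records(records)))
    gaps = []
    for private in RFC1918:
        remaining = [private]
        for net in covered:
            nxt = []
            for r in remaining:
                if r.subnet_of(net):
                    continue                            # fully covered
                if net.subnet_of(r):
                    nxt.extend(r.address_exclude(net))  # partly covered
                else:
                    nxt.append(r)                       # disjoint
            remaining = nxt
        gaps.extend(remaining)
    return list(ipaddress.collapse_addresses(gaps))

def would_reject(client, records):
    """Model the rule's test: reject when the client matches no record."""
    ip = ipaddress.ip_address(client)
    return not any(ip in net for net in parse_records(records))

# Constructed sample records (not the poster's configuration).
GOOD = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]
TYPO = ["10.0.0.0/16", "172.16.0.0 255.240.0.0", "192.168.0.0/16"]

if __name__ == "__main__":
    for name, recs in (("GOOD", GOOD), ("TYPO", TYPO)):
        print(name, "uncovered:", [str(n) for n in uncovered(recs)])
        for client in ("10.0.5.9", "10.20.5.9"):
            print("  ", client, "rejected" if would_reject(client, recs) else "allowed")
```

With the constructed TYPO list, only some 10.x.x.x clients fall outside the records, so the rule would reject them while allowing their neighbours.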