Forum Discussion

bsb's avatar
bsb
Icon for Nimbostratus rankNimbostratus
Jun 12, 2018

irule for specific pools

Team, would like to configure an irule to redirect based on client ip's.

 

when HTTP_REQUEST { if { [matchclass [IP::client_addr] equals 1.1.1.0/24] } { do nothing. } elseif {([class match [IP::client_addr] equals 2.2.2.0/24]) }{ HTTP::redirect "; } }

 

It doesn't work, is there a modification required.

 

13 Replies

  • Hi,

    First of create your DataGroup then use this irule:

    when CLIENT_ACCEPTED {
        if { not ( [class match [IP::client_addr] equals my_ip_dg] ) } {
             do nothing
        } elseif {([class match [IP::client_addr] equals my_ip_dg]) }{ 
            HTTP::redirect "https://www.test.com"
        }
    }
    

    Regards

  • oguzy's avatar
    oguzy
    Icon for Cirrostratus rankCirrostratus

    Hi,

    If you do not want to create a data group, you can try the below one:

    when HTTP_REQUEST { 
        if { [IP::addr [IP::client_addr] equals 1.1.1.0/24] } {
             do nothing
        } elseif { [IP::addr [IP::client_addr] equals 2.2.2.0/24] } { 
            HTTP::redirect "https://www.test.com"; 
        } 
    }
    
    • bsb's avatar
      bsb
      Icon for Nimbostratus rankNimbostratus

      Missed one part, LTM is behind proxy which hides the incoming client ip, tried below option, still didn't work.

       

      i am trying to access the site from 2.2.2.x network and instead of redirect, posting a custom message

       

      when HTTP_REQUEST { HTTP::header insert X-Forwarded-For [IP::remote_addr] if { [IP::addr [IP::client_addr] equals 1.1.1.0/24] } { do nothing } elseif { [IP::addr [IP::remote_addr] equals 2.2.2.0/24] } { HTTP::respond 503 content {

       

      } } }

       

    • bsb's avatar
      bsb
      Icon for Nimbostratus rankNimbostratus

      below content were removed.

       

      < html> < head>< title> regret message < /title>< /head> < /html>

       

    • oguzy's avatar
      oguzy
      Icon for Cirrostratus rankCirrostratus

      Hi,

      when HTTP_REQUEST { 
          HTTP::header insert X-Forwarded-For [IP::client_addr]
          if { [IP::addr [HTTP::header X-Forwarded-For] equals 1.1.1.0/24] } {
               do nothing
          } elseif { [IP::addr [HTTP::header X-Forwarded-For] equals 2.2.2.0/24] } { 
               HTTP::respond 503 content "Page is currently unavailable."
               event disable 
               TCP::close
          } 
      }
      

      If it does not work again, please share any errors if exist in the /var/log/ltm or try to logging for debug.

  • Hi,

    If you do not want to create a data group, you can try the below one:

    when HTTP_REQUEST { 
        if { [IP::addr [IP::client_addr] equals 1.1.1.0/24] } {
             do nothing
        } elseif { [IP::addr [IP::client_addr] equals 2.2.2.0/24] } { 
            HTTP::redirect "https://www.test.com"; 
        } 
    }
    
    • bsb's avatar
      bsb
      Icon for Nimbostratus rankNimbostratus

      Missed one part, LTM is behind proxy which hides the incoming client ip, tried below option, still didn't work.

       

      i am trying to access the site from 2.2.2.x network and instead of redirect, posting a custom message

       

      when HTTP_REQUEST { HTTP::header insert X-Forwarded-For [IP::remote_addr] if { [IP::addr [IP::client_addr] equals 1.1.1.0/24] } { do nothing } elseif { [IP::addr [IP::remote_addr] equals 2.2.2.0/24] } { HTTP::respond 503 content {

       

      } } }

       

    • bsb's avatar
      bsb
      Icon for Nimbostratus rankNimbostratus

      below content were removed.

       

      < html> < head>< title> regret message < /title>< /head> < /html>

       

    • oguzy_191375's avatar
      oguzy_191375
      Icon for Nimbostratus rankNimbostratus

      Hi,

      when HTTP_REQUEST { 
          HTTP::header insert X-Forwarded-For [IP::client_addr]
          if { [IP::addr [HTTP::header X-Forwarded-For] equals 1.1.1.0/24] } {
               do nothing
          } elseif { [IP::addr [HTTP::header X-Forwarded-For] equals 2.2.2.0/24] } { 
               HTTP::respond 503 content "Page is currently unavailable."
               event disable 
               TCP::close
          } 
      }
      

      If it does not work again, please share any errors if exist in the /var/log/ltm or try to logging for debug.