Chris_Baiocchet
Dec 24, 2018
Nimbostratus
iRule to block access to a URI based on IP Address
Hello all,
I have a public-facing website. I want to block access to a specific URI if a requesting client is not within our internal network, redirecting the client to the main page of the site. But it is not working, and I can't figure out why. The code I currently have is:
```tcl
when HTTP_REQUEST {
    log local0. "Request from [IP::client_addr] URI: [HTTP::uri]"
    if { [string tolower [HTTP::uri]] contains "/agenthub/agentPiped" } {
        if { [class match [IP::client_addr] equals ALLOWED_INTERNAL_IP_ADDRESSES] } {
            log local0. "Request from [IP::client_addr] URI: [HTTP::uri] matched /agentPiped"
            pool VFCFPROD_HTTP
        } else {
            log local0. "Request from [IP::client_addr] address not found in ALLOWED_INTERNAL_IP_ADDRESSES"
            HTTP::redirect "https://www.XYZ.com"
        }
    }
}
```
Looking in the LTM log, I only see a log entry generated by the first log local0 command of the irule:
$1
It does not look as though external traffic ever hits the second log local0 command, so it appears that none of the subsequent conditions are getting hit, but I don't understand why. Any suggestions would be greatly appreciated.
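
An added example, not part of the original post: the same rule with the comparison literal in lowercase. `string tolower` lowercases the URI before the `contains` test, so a literal with an uppercase letter (`agentPiped`) can never match and the inner block is never reached. The data group, pool and redirect URL are the ones from the post; the variable `uri_lc` is introduced here for illustration.

```tcl
when HTTP_REQUEST {
    # Normalise once and reuse, so the log shows exactly what is compared.
    set uri_lc [string tolower [HTTP::uri]]
    log local0. "Request from [IP::client_addr] URI: [HTTP::uri] (compared as: $uri_lc)"

    # The literal is all lowercase because $uri_lc has been lowercased.
    if { $uri_lc contains "/agenthub/agentpiped" } {
        if { [class match [IP::client_addr] equals ALLOWED_INTERNAL_IP_ADDRESSES] } {
            # Internal client: send the request to the application pool.
            log local0. "Request from [IP::client_addr] URI: [HTTP::uri] matched /agentpiped"
            pool VFCFPROD_HTTP
        } else {
            # Any other client: redirect to the main page and stop
            # processing this event in the current iRule.
            log local0. "Request from [IP::client_addr] address not found in ALLOWED_INTERNAL_IP_ADDRESSES"
            HTTP::redirect "https://www.XYZ.com"
            return
        }
    }
}
```

With this version, a request for the restricted URI from an address outside the data group should produce the "address not found" log entry in the LTM log, which confirms the restriction branch is being evaluated.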