Smtp irules access list

Question

Hi all.I created a simple irules for prevent unauthorized client ip to send mail to balancer:&nbsp;when CLIENT_ACCEPTED {	set accepted_snat "x.x.x.x"&nbsp;	if { [ class exists SmtpPool ] }	{		if { [class match [IP::client_addr] equals $::SmtpPool] }		{			snat $accepted_snat		} else {			snat automap		}	} else {			snat automap	}}&nbsp;I created smtppool with autorized ip and assign this rule a specific virtual server. This virtual server wirk fine without rule. If i select rule in virtual server not work. If i try test to telnet i view only black screen when i connect and close the session.&nbsp;Thanks

boneyard · Answer

what does the /var/log/ltm say?&nbsp;you do have entries in the datagroup? do those match?&nbsp;see also:https://devcentral.f5.com/s/question/0D51T00006i7ZeSSAU/irule-smtp-help

fromrome · Answer

Hi. Thanks for response. I receive this error on log file:

err tmm[11119]: 01220001:3: TCL error: /Common/SmtpFilter <CLIENT_ACCEPTED> - can't read "::PoolSmtp": no such variable while executing "class match [IP::client_addr] equals $::PoolSmtp"

Thanks

fromrome · Answer

I try to use this rule https://devcentral.f5.com/s/question/0D51T00006i7ZeSSAU/irule-smtp-help

boneyard · Answer

do you have a datagroup called PoolSmtp? &nbsp;remove the $:: in front of PoolSmtp in the iRule .

Forum Discussion

Smtp irules access list

4 Replies

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Enabling AVR and creating Profiles

Get associated pool name from VIP IP using F5-LTM

Disacard SSL::cert mode to ignore when default SSLClient profile is set to request or require

About custome Response Blocking Page

Related Content

Federated AWS Console Access Made Easy: F5 BIG-IP Access Policy Manager Access Guided Configurations

Access policy, LTM policy and iRules

Advanced iRules: SMTP Start TLS

SMTP Traffic Forward to M365 on Port 587

F5 SMTP Fast Template - SNAT Not working as expected