Forum Discussion

iRule's avatar
iRule
Icon for Cirrus rankCirrus
Nov 23, 2023

Whitelisting access to URLs based on specific IPs

Dear Community,

I have a requrirment to allow access to a specific URI path from few public IPs & all private IPs; remaining public IPs should not be able to access this specific URI path. All other URI paths should be abe to be accessed by any IP whether private or public.

Requirement Example:

"https://abc.com/good/evening/happy/life" should be able to be accessed by four public IPs only & private IPs.

and all other URIs paths than above should be accessable by all public IPs & private IPs.

https://abc.com/*

 

 

 

  • Hi,

    After creating a datagroup for private IP networks and public IPs, you can use iRule or LTM policy.

    when HTTP_REQUEST {
    	if { [string tolower [HTTP::uri -normalized] equals "/good/evening/happy/life" && not ([class match [IP::client_addr] equals /Common/datagroupname])} {
    		drop
    		return
    	}
    }
    • iRule's avatar
      iRule
      Icon for Cirrus rankCirrus

      Hello Enes,

      Thank you for your replay.

      The iRule which you provided takes care of first part of requirement i.e access to specific URI path allowed from four public IPs & all private IPs.

      Please inform do I need to add commadns in iRule to adderss remaning requirment; all other URI paths should be accessable by all public & private IPs.

      Regards

      • Hi,

        The iRule drops requests except certain IP addresses for the certain url. If there is no match with the if statement, requests will be forwarded to the default pool. iRule does not require any extra code.
        It might be better to use path instead of uri.

        when HTTP_REQUEST {
        	if { [string tolower [HTTP::path -normalized] equals "/good/evening/happy/life" && not ([class match [IP::client_addr] equals /Common/datagroupname])} {
        		drop
        		return
        	}
        }

        For the following URL:
        http://www.example.com:8080/main/index.jsp?user=test&login=check

        The URI is:
        /main/index.jsp?user=test&login=check
        The path is:
        /main/index.jsp
        The query is:
        user=test&login=check