Forum Discussion

bbensten_8485's avatar
bbensten_8485
Icon for Nimbostratus rankNimbostratus
Jun 26, 2014

Using a Data Group for white listing IPs

We are trying to use a Data Group for the first time and we are having issues. Can someone please look at this simple example and tell us where we have missed something? It will not accept the Irule with this syntax.

 

when HTTP_REQUEST { if { [string tolower [HTTP::path]] contains “/blah” } { if { !([matchclass [IP::client_addr] equals allowed_IPs ])} { discard } } }

 

Data group list is a type "address" called "allowed_IPs" and contains a list of ips and networks.

 

  • Are you running v11? If so, try this:

    when HTTP_REQUEST { 
     if { [string tolower [HTTP::path]] contains “/blah” } { 
      if { ! [class match [IP::client_addr] equals allowed_IPs]} { 
       discard 
      } 
     }
    }
    
  • Are you running v11? If so, try this:

    when HTTP_REQUEST { 
     if { [string tolower [HTTP::path]] contains “/blah” } { 
      if { ! [class match [IP::client_addr] equals allowed_IPs]} { 
       discard 
      } 
     }
    }