F5 Technology Blog

Saturday, October 26, 2013

Block IPs using data group and irule


1) Create a data group

Local Traffic > Virtual Servers > iRules > Data Group List
Create data group with Type Address
Add IP address to IP field and provide description in the value field
You can add a list of IP addresses to be blocked.

2) Create an iRule
when HTTP_REQUEST {
 foreach allxforwardvalues [HTTP::header values X-Forwarded-For] {
  foreach destip [split [string map {" " ""} $allxforwardvalues] ","] {
if { [class match -- $destip equals ip_blacklist] } {  
     reject
     event disable all
     return
   }
  }
 }
}

3) Add the iRule to virtual  ip

posted by Jayanthi Krishnamurthy @ 8:56 PM   0 Comments

Friday, October 4, 2013

tcpdump

tcpdump -ni 0.0:nnn -s0 host x.x.x.x and host y.y.y.y -w /var/tmp/tdump1cap

posted by Jayanthi Krishnamurthy @ 2:54 PM   0 Comments

Newer›  ‹Older

About Me

Name: Jayanthi Krishnamurthy

View my complete profile

Posts

  • Block IPs using data group and irule
  • tcpdump

Older Posts Newer Posts

Archives

  • March 2010
  • July 2010
  • November 2011
  • May 2012
  • June 2012
  • August 2012
  • November 2012
  • December 2012
  • August 2013
  • September 2013
  • October 2013
  • February 2014
  • March 2015
  • Current Posts

Subscribe to
Posts [Atom]