This topic describes an F5 solution that uses iRules to read the source client IP address from the HTTP header X-Forwarded-For and look that address up in the geolocation database to get the country name. If the country matches a blacklisted country, the F5 drops the packets from the client.

Step1: Traffic flow diagram for this case

Step2: If you know the source client IP, you can check its country with the command "geoip_lookup -f /shared/GeoIP/v2/F5GeoIPRegion2v2.dat x.x.x.x"

Result: The country of the current source client IP is US

Step3: Create an iRules data group to hold the blacklisted countries

Step4: Create an iRule that checks the blacklisted countries and apply it to the virtual servers

when HTTP_REQUEST {
    # Step0: log the raw X-Forwarded-For value (empty if the header is absent)
    log local0. "Client IP: [HTTP::header value "X-Forwarded-For"] >>> Step0"
    if { [HTTP::header exists "X-Forwarded-For"] } {
        log local0. "Client IP: [HTTP::header value "X-Forwarded-For"] >>> Step1"
        # Assumes the header holds a single IP address
        set client_ip [HTTP::header value "X-Forwarded-For"]
        # Look up the country code in the geolocation database
        set fromCountry [whereis $client_ip country]
        log local0. "Client IP: $client_ip Country: $fromCountry >>> Step2"
        # Drop the connection when the country is in the Blocked_Countries data group
        if { [class match $fromCountry equals Blocked_Countries] } {
            drop
            log local0. "Drop Client IP: $client_ip Country: $fromCountry >>> Step3"
        }
    }
}

Step5: We test from a client in country US to the virtual server and display the logs with the command "tail -f /var/log/ltm". The logs only reach Step2, because the country name we added to the data group is test

Step6: We change the string in the iRules data group from test to US

Step7: We test again and the logs show the iRule matching the drop condition
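
A variant of the Step4 iRule, added here as an example and not the original author's code: it handles an X-Forwarded-For header that carries a comma-separated list of addresses and falls back to the TCP peer address when the header is absent. It assumes the upstream proxy appends the address it saw as the last entry, that whereis may raise an error on a malformed address, and that rejecting such a request is the wanted policy.

```tcl
# Added example. Assumptions: the Blocked_Countries data group from Step3
# holds country codes such as US, and the upstream proxy appends the
# address it saw as the LAST X-Forwarded-For entry.
when HTTP_REQUEST {
    # Default to the TCP peer address when no usable header is present.
    set client_ip [IP::client_addr]

    if { [HTTP::header exists "X-Forwarded-For"] } {
        # A request can carry several X-Forwarded-For headers, each with a
        # comma-separated list. Join them and keep only the last entry;
        # earlier entries are supplied by the sender and are not trusted.
        set xff [join [HTTP::header values "X-Forwarded-For"] ","]
        set candidate [string trim [lindex [split $xff ","] end]]
        if { $candidate ne "" } {
            set client_ip $candidate
        }
    }

    # Guard the lookup so a malformed header value is handled explicitly
    # instead of aborting the rule with a Tcl error.
    if { [catch { set fromCountry [whereis $client_ip country] }] } {
        log local0. "Geo check: unparsable client address, rejecting request"
        reject
        return
    }

    log local0. "Client IP: $client_ip Country: $fromCountry"

    # Same data-group check as the Step4 iRule.
    if { [class match $fromCountry equals Blocked_Countries] } {
        log local0. "Drop Client IP: $client_ip Country: $fromCountry"
        drop
        return
    }
}
```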
