cancel
Showing results for 
Search instead for 
Did you mean: 

Allowing multiple subnets access to multiple URLs, while redirecting those subnets/hosts not permitted

Highlighted
Occasional Contributor

Allowing multiple subnets access to multiple URLs, while redirecting those subnets/hosts not permitted

My end goal is for a TrafficScript request rule that allows multiple subnets/hosts access to multiple URL paths using begins with logic, while redirecting those subnets/hosts not permitted to http://www.google.com.

In plain English, the goal is:

If the source subnet/host doesn't match 10.10.10.10/32 OR 10.64.0.0/16 OR 10.16.10.0/24 OR 10.16.20.0/24 OR 10.16.30.0/24 AND the URL path starts with /beef OR /chicken OR /port OR /bacon OR /veggies, then redirect the user to http://www.google.com.

With the rule below, this logic works for /beef, but doesn't work correctly for the others (/chicken, /port, /bacon, /veggies).  If I change the || (aka OR) to && (aka AND) for the URL match portion, all source IP addresses are permitted to the specified URL paths.

#############

# VARIABLES #

#############

# Look up the URL path

$path = http.getpath();

# Look up the remote client IP address

$ip = request.getRemoteIP();

###############

# CONDITIONS #

###############

#

if ( !string.ipmaskmatch ( $ip, "10.10.10.10/32")

    && !string.ipmaskmatch( $ip, "10.64.0.0/16" )

    && !string.ipmaskmatch( $ip, "10.16.10.0/24" )

    && !string.ipmaskmatch( $ip, "10.16.20.0/24" )

    && !string.ipmaskmatch( $ip, "10.16.30.0/24" )

    && string.startsWithI( $path, "/beef" )

    || string.startsWithI( $path, "/chicken" )

    || string.startsWithI( $path, "/pork" )

    || string.startsWithI( $path, "/bacon" )

    || string.startsWithI( $path, "/veggies" )

#

# ACTION

#

  {

   http.redirect( "http://www.google.com" );

  }

1 REPLY
Occasional Contributor

Re: Allowing multiple subnets access to multiple URLs, while redirecting those subnets/hosts not permitted

A big thanks to John Naughton from Riverbed Support for pointing me in the right direction to get this TrafficScript rule working as desired.  The finished product was to add some additional parentheses (see in bold below) where needed.  As a side note, Notepad++ helps with showing what is bracketed with parentheses.


#############

# VARIABLES #

#############

# Look up the URL path

$path = http.getpath();

# Look up the remote client IP address

$ip = request.getRemoteIP();

##############

# CONDITIONS #

##############

if ((( !string.ipmaskmatch ( $ip, "10.10.10.10/32")

    && !string.ipmaskmatch( $ip, "10.64.0.0/16" )

    && !string.ipmaskmatch( $ip, "10.16.10.0/24" )

    && !string.ipmaskmatch( $ip, "10.16.20.0/24" )

    && !string.ipmaskmatch( $ip, "10.16.30.0/24" ))

    && (string.startsWithI( $path, "/beef" )

    || string.startsWithI( $path, "/chicken" )

    || string.startsWithI( $path, "/pork" )

    || string.startsWithI( $path, "/bacon" )

    || string.startsWithI( $path, "/veggies" ))))

#

# ACTION

#

  {

   http.redirect( "http://www.google.com" );

  }