Jump to content
Welcome to our new Citrix community!

Bloked GET and allow to especific IP


Recommended Posts

Hello Everyone,

 

1. We have a website published on netscaler that prohibits any url that contains the GET option.
2. Can I allow only 1 ip if I have the GET in the URL to be directed to the server and the others not?

 

Can Anybody help me about this?

 

Thanks,

 

Wilian 

Link to comment
Share on other sites

Configure a responder policy to DROP all traffic where http.req.method.set_text_mode(ignorecase).eq("get") && !client.ip.src.eq(<allowed ip>)

If you don't want any traffic get or post hitting this site; then just filter on !<client ip> aka not client ip.

 

add responder policy rs_pol_dropgets_wipexception  'http.req.method.set_text_mode(ignorecase).eq("get") && !client.ip.src.eq(x.x.x.x)' DROP

 

Bind to the appropriate lb vserver.

 

For the expression, please note:

Any GET Request from all IPS that are NOT <client ip> above, will be DROPPED.

Any non-get request will be allowed from every ip. (not filtered)

 

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...