F5- Specify allowable IP ranges for HTTPD access
Add an IP address or range of IP addresses to the current allowed listTo add an IP address or range of IP addresses to the current list of hosts that are allowed to access the Configuration utility, p
Add an IP address or range of IP addresses to the current allowed list
To add an IP address or range of IP addresses to the current list of hosts that are allowed to access the Configuration utility, perform the following procedure:
Note: For BIG-IP deployments that incorporate BIG-IQ or data collection device (DCD) devices, the IP addresses and associated access type for these devices need to be included in the allowed IP address lists.
Impact of procedure: Performing the following procedure should not have a negative impact on your system.
- Log in to the TMOS Shell (tmsh) by entering the following command:
tmsh
- To add an IP address or range of IP addresses to the current allowed list of hosts, enter the following command:
modify /sys httpd allow add { <IP address or IP address range> }
Important: When you use add, the system retains any previous configuration settings (for example the default allow All configuration setting).
For example, to add 172.28.31.140 and 172.28.65.150 to the current list, you would enter the following command:
modify /sys httpd allow add { 172.28.31.140 172.28.65.150 }
To add the subnet 172.28.31.0/255.255.255.0 and 172.28.65.0/255.255.255.0 to the current list, you would enter the following command:
modify /sys httpd allow add { 172.28.31.0/255.255.255.0 172.28.65.0/255.255.255.0 }
- To list the IP addresses of the current allowed hosts, enter the following command:
list /sys httpd allow
- Save the change by entering the following command:
save /sys config
Replace the current allowed list with a new list
To replace the current list of allowed hosts that can connect to the Configuration utility, perform the following procedure:
Impact of procedure: Access to the Configuration utility will be denied if the IP address or range of IP addresses is incorrect.
- Log in to tmsh by entering the following command:
tmsh
- To replace the current list of allowed hosts with an IP address or range of IP addresses, enter the following command:
modify /sys httpd allow replace-all-with { <IP address or IP address range> }
For example, to replace the current list of allowed hosts with 172.28.31.140 and 172.28.65.150, you would enter the following command:
modify /sys httpd allow replace-all-with { 172.28.31.140 172.28.65.150 }
To replace the current list of allowed hosts with the subnet 172.28.31.0/255.255.255.0 and 172.28.65.0/255.255.255.0, you would enter the following command:
modify /sys httpd allow replace-all-with { 172.28.31.0/255.255.255.0 172.28.65.0/255.255.255.0 }
- Save the change by entering the following command:
save /sys config
Remove an IP address or range of IP addresses from the current allowed list
To remove an IP address or range of IP addresses from the current list of hosts that are allowed to access the Configuration utility, perform the following procedure:
Impact of procedure: Performing the following procedure should not have a negative impact on your system.
- Log in to tmsh by entering the following command:
tmsh
- To remove an IP address or range of IP addresses from the current allowed list of hosts, enter the following command:
modify /sys httpd allow delete { <IP address or IP address range> }
For example, to remove 172.28.31.140 and 172.28.65.150 from the current list, you would enter the following command:
modify /sys httpd allow delete { 172.28.31.140 172.28.65.150 }
To remove the subnet 172.28.31.0/255.255.255.0 and 172.28.65.0/255.255.255.0 from the current list, you would enter the following command:
modify /sys httpd allow delete { 172.28.31.0/255.255.255.0 172.28.65.0/255.255.255.0 }
- Save the change by entering the following command:
save /sys config
火山引擎开发者社区是火山引擎打造的AI技术生态平台,聚焦Agent与大模型开发,提供豆包系列模型(图像/视频/视觉)、智能分析与会话工具,并配套评测集、动手实验室及行业案例库。社区通过技术沙龙、挑战赛等活动促进开发者成长,新用户可领50万Tokens权益,助力构建智能应用。
更多推荐
0
0- 0
已为社区贡献2条内容
所有评论(0)