That's not possible via ip_allow.config. There is some limited support for IP address based control of remap rules, which is mostly broken but should work well enough to handle your use case. The basic idea is to set up remap rules for the destinations (e.g. mydomain.local), even if it's an identity remap. You can then disable that rule based on the IP address of the user agent (enable doesn't work as expected - see issue #1971). Something like
map http://mydomain.local http://mydomain.local @action=deny @src_ip=~192.168.1.2 This will cause the remap rule to not trigger for address that are not 192.168.1.2 (because of the tilde). Such a request can either (1) get a 404 "Not found on accelerator" error or (2) be sent by another remap rule to an error page. Note the address can be specified as a range of two IP addresses separated by a dash '-'. See https://docs.trafficserver.apache.org/en/latest/admin-guide/files/remap.config.en.html#acl-filters On Wed, Mar 20, 2019 at 2:42 AM Alexander Rabenstein <[email protected]> wrote: > Hi, > > > > I am trying to figure out if its possible to do something like this in > ip_allow.config: > > > > src_ip=192.168.1.1 dest_ip=mydomain.local action=ip_allow method=all > > Src_ip=192.168.1.2 dest_ip=mydomain.local action=ip_deny method=all > > > > So allowing access to certain origins depending on the source IP. > > > > Is this possible with traffic server? > > > > Kind regards > > > > Alexander Rabenstein > > Professional > > Application Management - Retail > > -- > > > > Schwarz IT KG > > Stiftsbergstraße 1 · D-74172 Neckarsulm > > Büro: D-74074 Heilbronn · Ferdinand-Braun-Straße > > > > Telefon: +49 (0) 7132 30 455 077 <%20+49713230455077> > > [email protected] > > > > Kommanditgesellschaft · Sitz: Neckarsulm > > Registergericht Stuttgart · HRA 730995 > > >
