Forum Discussion
AltocumulusBlock ipv6
Hi,
From the anti-bot profile logs, I noticed requests from an IPv6 client IP.
I applied this iRules to the VIP to see what was happening.
when FLOW_INIT {
if { [IP::version] eq "6" } {
drop
log local0. "Blocked IPv6 connection from [IP::client_addr]"
}
}
The statistics are incremented by one per second, but I don't see any logs in /var/log/ltm
Does anyone have any idea what's going on?
thanks
3 Replies
VGF5Cumulonimbus
Hi Antonio3
If your syslog configuration (in bigip.conf) only includes “warning” or higher severity for the local0 facility, informational messages will be filtered and not written to the log file. By default, iRule log messages use the “informational” severity level.
Option 1: Follow the steps in the following article and update.
K000139985: iRule local0 logs aren't appearing in /var/log/ltm or syslog
Option 2: Increase the log level in your iRule to "warning" so it matches your current filter
log local0.warning "Blocked IPv6 connection from [IP::client_addr]"
Antonio3Hi f51,
Thanks for your support
The sys db log.rules.level is already "Warning"sys db log.rules.level {
default-value "Informational"
scf-config "false"
value "Warning"
value-range "Debug Error Informational Notice Warning"
}If I try to apply a different iRules, for example, log when my public IP contacts the VIP, I see the logs in /var/log/ltm.
Thanks
- VGF5
Thank you for the update. Try as below. Move the log command before the drop command in your iRule.
when FLOW_INIT {
if { [IP::version] eq "6" } {
log local0.warning "Blocked IPv6 connection from [IP::client_addr]"
drop
}
}
