Forum Discussion
pjcampbell_7243
Apr 22, 2011Cirrus
Failing PCI DSS for cookie insert
The cookie insert is showing the internal IP of my pool members. Is there a way to do F5 generated cookie persistence without displaying this info?
this is the info they were able to get: ...
May 26, 2011
Posted By pjcampbell on 04/22/2011 11:05 AM
I couldn't figure out how to get this by dumping headers and cookies with curl but that is moot.
Was this SSL traffic? If so, you will need the key and you will need to use ssldump to decrypt it.. you could always use wireshark locally if you have the key, but I like doing it all on the box.. and we have policies about transferring keys around..
sol10209: Overview of packet tracing with the ssldump utility http://support.f5.com/kb/en-us/solutions/public/10000/200/sol10209.html?sr=14639274
Additionally, if you want to capture the header info, and you will if you want to troubleshoot cookies, you will need to use the -H option to do so... I recommended F5 to add that info to the solution but I don't think they have...
Here is a good list of ssldumps features: http://www.rtfm.com/ssldump/Ssldump.html
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects