Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

TFleming's avatar
TFleming
Icon for Nimbostratus rankNimbostratus
6 years ago
Solved

Find connection attempts via source IP

Hey guys, I'm fairly new to F5. We have one configured before I started working here. We have a windows terminal server virtual server in our F5 that load balances between 18 different back end termi...
application delivery
big-ip
devops
TMSH
  • Beaker's avatar
    Beaker
    6 years ago
    when CLIENT_ACCEPTED {
  set LogString "Client [IP::client_addr]"
  log local0. "==== $LogString (request) ====="
}
 
when SERVER_CONNECTED {
  log local0. "==== $LogString (server connected) - server: [LB::server addr]:[LB::server port] ===="
}

    I have tested that this works

TFleming's avatar
TFleming
Icon for Nimbostratus rankNimbostratus
6 years ago

​Sadly I still get an error "01071912:3: HTTP_REQUEST event in rule (/Common/LogLocalConnections) requires an associated HTTP or FASTHTTP profile on the virtual-server (/Common/RDS-2016-VIP)." with the above iRule.

Beaker's avatar
Beaker
Icon for Cirrus rankCirrus
6 years ago

Sorry forgot to change the irule event when I edited it before. I have updated the code above. This does not use http processing events rather just tcp events