For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

TFleming's avatar
TFleming
Icon for Nimbostratus rankNimbostratus
Apr 17, 2020
Solved

Find connection attempts via source IP

Hey guys, I'm fairly new to F5. We have one configured before I started working here. We have a windows terminal server virtual server in our F5 that load balances between 18 different back end termi...
application delivery
BIG-IP
devops
TMSH
  • Beaker's avatar
    Beaker
    Apr 20, 2020
    when CLIENT_ACCEPTED {
  set LogString "Client [IP::client_addr]"
  log local0. "==== $LogString (request) ====="
}
 
when SERVER_CONNECTED {
  log local0. "==== $LogString (server connected) - server: [LB::server addr]:[LB::server port] ===="
}

    I have tested that this works

TFleming's avatar
TFleming
Icon for Nimbostratus rankNimbostratus
Apr 17, 2020

​Sadly I still get an error "01071912:3: HTTP_REQUEST event in rule (/Common/LogLocalConnections) requires an associated HTTP or FASTHTTP profile on the virtual-server (/Common/RDS-2016-VIP)." with the above iRule.

Beaker's avatar
Beaker
Icon for Cirrus rankCirrus
Apr 18, 2020

Sorry forgot to change the irule event when I edited it before. I have updated the code above. This does not use http processing events rather just tcp events