Forum Discussion
Nuttycomputer_1
Nimbostratus
NimbostratusiRule - Reject SSL 3.0
Looking for assistance on whether this is possible with an iRule.
We have a vendor system behind an F5 and with the new SSL 3.0 the vendor has gotten back to us indicating they have no plans to ...
Nuttycomputer_1Nimbostratus
NimbostratusDefault would be to just drop the packet... I'm thinking something like this is simple enough. Haven't touched iRules since a brief LTM training so I can't recall if I need to add a forward to pool or if the drop statement is enough:
when HTTP_REQUEST {
Check Encryption type
if { [SSL::cipher version] = SSLv3 }{
If SSLv3 Detected drop connection
drop
}
}
jgranieri_42214Nimbostratus
Nimbostratusdrop or reject
Rule 1 on VS1
when HTTP_REQUEST priority 100 {
This event in this iRule runs first
reject
log local0. "Rejecting this request"
}
