Forum Discussion

Suresh_Joshi_01
Nov 08, 2013

iRule ACL

I have applied an iRule ACL in LTM. I want to check whether any query is reaching my LTM from an IP which is not defined in the allowed pool. Please suggest how I can check this.


BR, Suresh Joshi.


3 Replies

  • You can enable logging for this. Basically this would have been achieved by configuring a data group with the allowed IPs and rejecting the connection if the incoming client IP doesn't match it. Can you post the iRule you use? A suggestion can then be given on where to enable logging.


  • Logging is already enabled: log local0. "Connection not allowed from [IP::client_addr]. Request dropped by ACL". Are you saying you are not able to see the logs? If a request lands on the VS from a client IP which is not defined in DG group_cns_broadband OR group_cns_mobility, BIG-IP will drop it, and it will be logged in the ltm log file. This can be checked with cat /var/log/ltm | grep "iRule name" OR tail -f /var/log/ltm | grep "iRule name"


  • If you want to cross-check that logging is happening:

    1) Log in to the LTM and run the command tail -f /var/log/ltm | grep "iRule name"
    2) If your system is in a not-allowed client subnet, try to access the application from your system.
    3) You can see the log printed in the ltm file as below:

    Nov 8 04:39:24 bigipF5 info tmm[8072]: Rule /Common/whitelist : Connection not allowed from 192.168.3.152. Request dropped by ACL
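A way to turn the grep from the last reply into a summary of which client IPs the ACL has been dropping, as an added shell example that is not from this thread or from F5. It assumes the iRule is named /Common/whitelist and that its log message matches the sample line above; the log excerpt inside the block is constructed.

```shell
# Added example, not from the thread. Summarise ACL-drop entries from the
# BIG-IP /var/log/ltm file by client IP, so you can see which sources outside
# the allowed data groups are actually reaching the virtual server.
# Assumption: the iRule is named /Common/whitelist and logs the message
# "Connection not allowed from <ip>. Request dropped by ACL".

# Constructed sample of /var/log/ltm lines (not a real capture).
LTM_LOG_SAMPLE='Nov 8 04:39:24 bigipF5 info tmm[8072]: Rule /Common/whitelist : Connection not allowed from 192.168.3.152. Request dropped by ACL
Nov 8 04:39:25 bigipF5 info tmm[8072]: Rule /Common/whitelist : Connection not allowed from 192.168.3.152. Request dropped by ACL
Nov 8 04:39:30 bigipF5 info tmm1[8073]: Rule /Common/whitelist : Connection not allowed from 10.20.30.40. Request dropped by ACL
Nov 8 04:40:01 bigipF5 notice mcpd[5431]: unrelated message that must be ignored'

# Read ltm log lines on stdin; print "<count> <client_ip>" for every client
# the ACL rejected, most frequent first. Only lines from the whitelist rule
# are counted, so other tmm/mcpd chatter does not skew the result.
acl_drops_by_ip() {
    grep 'Rule /Common/whitelist : Connection not allowed from' \
    | sed -n 's/.*Connection not allowed from \([0-9.]*\)\..*/\1/p' \
    | sort | uniq -c | sort -rn \
    | awk '{print $1, $2}'
}

# Total number of dropped connections in the input (prints 0 when none).
acl_drop_count() {
    acl_drops_by_ip | awk '{sum += $1} END {print sum + 0}'
}

# Run both reports over the constructed sample.
acl_drops_sample() { printf '%s\n' "$LTM_LOG_SAMPLE" | acl_drops_by_ip; }
acl_drop_count_sample() { printf '%s\n' "$LTM_LOG_SAMPLE" | acl_drop_count; }

acl_drops_sample
```

On the BIG-IP itself, acl_drops_by_ip < /var/log/ltm (or over the rotated /var/log/ltm.* files) gives the same summary for real traffic.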