Forum Discussion
vvskaladhar_488
Nimbostratus
Nimbostratusirule help
Hello All,
Currently i am using below irule for logging client ips who use TLSv1 and v1.1 on virutals.
but our client want to enable the audit in F5 that will include IP address and full URL be...
Anesh
Cirrostratus
CirrostratusThe below code was tested on 12.1.3
when CLIENTSSL_HANDSHAKE {
set virtual_server [LB::server]
set userip [IP::client_addr]
set SSL_version [SSL::cipher name]
set SSL_PROTOCOL [SSL::cipher version]
if { $SSL_PROTOCOL == "TLSv1" } {
set tlsver1 1
}
else {
set tlsver1 0
}
}
when HTTP_REQUEST {
if { $tlsver1 } {
log local0. "Warning: Host - [HTTP::host], URI - [HTTP::uri], $userip - $SSL_version - $SSL_PROTOCOL - $virtual_server"
}
}