Forum Discussion

vvskaladhar_488's avatar
vvskaladhar_488
Icon for Nimbostratus rankNimbostratus
Jun 20, 2018

irule help

Hello All, Currently i am using below irule for logging client ips who use TLSv1 and v1.1 on virutals. but our client want to enable the audit in F5 that will include IP address and full URL be...
application delivery
iRules
LTM
Anesh's avatar
Anesh
Icon for Cirrostratus rankCirrostratus
Jun 20, 2018

The below code was tested on 12.1.3

 

when CLIENTSSL_HANDSHAKE { 

    set virtual_server [LB::server] 
    set userip [IP::client_addr] 
    set SSL_version [SSL::cipher name] 
    set SSL_PROTOCOL [SSL::cipher version]

    if { $SSL_PROTOCOL == "TLSv1" } {
        set tlsver1 1
    }
    else {
        set tlsver1 0
    }
}


when HTTP_REQUEST {
    if { $tlsver1 } {
    log local0. "Warning: Host - [HTTP::host], URI - [HTTP::uri], $userip - $SSL_version - $SSL_PROTOCOL - $virtual_server"
    }
    
}