Forum Discussion
chungyu_16122
May 05, 2015Altostratus
I was thinking of collecting the in coming IP address:
when CLIENTSSL_HANDSHAKE { if {[SSL::cipher version] eq "SSLv3"}{ log local0. "[IP::client_addr] [SSL::cipher version]" } }
And then once I get a sufficient idea of the clients connecting to our AD service via SSLv3, I could do something like this:
when CLIENT_ACCEPTED { if { [class match $SITE equals SSLv3_Client]} { SSL::profile ADC_LDAP_SSL3 } else { SSL::profile ADC_LDAP } }