Forum Discussion

Nimbostratus

Aug 05, 2016

IRULE to terminate connection after certificate verification

to minimize CCU usage and the desired outcome being to terminate connection after certificate verification, We can use the SSL::handshake event. The idea behind the irule is to terminate connect...

application delivery

iRules

R_Marc

Nimbostratus

Aug 15, 2016

drop should do what you need. I, personally would do a class match against a data-group for this. Since a data-group is a structured list, so there is less risk in adding/removing that updating the iRule itself.

Not sure why you'd wait util after the ssl handshake though, if you know the IP is bad, just drop it and CLIENT_ACCEPTED, though you can do it in most other events, I believe. That being said, this is probably better handled at a firewall.

ltm data-group internal drop-list {
records {
        10.125.0.3/32 {}
    }
    type ip
}

ltm rule drop-list-rule {
    CLIENT_ACCEPTED {
        if { [class match [IP::client_addr equals drop-list] } {
            drop
        }
    }
}

Forum Discussion

IRULE to terminate connection after certificate verification

Recent Discussions

Rundeck ansible F5 errors

What is the meaning is 52% block in WAF

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

Configure NGINX microgateway for MTLS termination and client certificate hash verification

Google reCAPTCHA Verification With Sideband Connections

Re: Management Certificate

My Security+ Certification Journey

Certifications for security professionals