Forum Discussion
iRules code share,only use tcp protocol profile to log tcp dns request and A or AAAA dns answers ip
- Oct 17, 2022
Nice addition, xuwen, thanks for sharing!
For those that find this, it's a fantastic example of how to use binary commands to decode the protocol, but I wouldn't recommend logging dns traffic to local0. unless it's for a very brief point in time for troubleshooting purposes, and even then, if your system has heavy dns traffic, it's likely to significantly reduce throughput. A better option for logging from iRules would be to use HSL and send the logs off-box for analysis.
Nice addition, xuwen, thanks for sharing!
For those that find this, it's a fantastic example of how to use binary commands to decode the protocol, but I wouldn't recommend logging dns traffic to local0. unless it's for a very brief point in time for troubleshooting purposes, and even then, if your system has heavy dns traffic, it's likely to significantly reduce throughput. A better option for logging from iRules would be to use HSL and send the logs off-box for analysis.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com