Forum Discussion

Nimbostratus

Feb 06, 2012

iRules to verify binary data from TCP::payload

Hey Folks, Good day. I am newbie to F5/irules. Need help from you guys to solve my first task on irule :) I have a pool of 3 servers. The incoming traffic is a TCP binary stream....

Employee

Feb 06, 2012

can you add log command something like this?

[root@ve1023:Active] config  b rule myrule list
rule myrule {
   when CLIENT_ACCEPTED {
   TCP::collect 2
}

when CLIENT_DATA {
   set msid [TCP::payload 2]
   binary scan $msid H* msid_hex
   log local0. "\$msid: $msid"
   log local0. "\$msid_hex: $msid_hex"
   TCP::release
}
}

[root@ve1023:Active] config  cat /var/log/ltm
Feb  5 23:56:26 local/tmm info tmm[4369]: Rule myrule CLIENT_DATA: $msid: GE
Feb  5 23:56:26 local/tmm info tmm[4369]: Rule myrule CLIENT_DATA: $msid_hex: 4745

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

iRules to verify binary data from TCP::payload

Recent Discussions

ports are showing open on online scanning tool

Upgrade F5 BIGIP

DNS HM Probe issue

Is XFF a must for ASM WAF DoS

Switch ssl profile based on weak cipher detection via IRULE

Related Content

Verified Design: SSL Orchestrator with McAfee Web Gateway-Part 1

Verified Design: SSL Orchestrator with Cisco Firepower Virtual Edition-Part 1

Verifying Slack Requests with Mutual TLS

Verified Design: SSL Orchestrator with Palo Alto NGFW Virtual Edition-Part 2

Verify, but Never Trust?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS