Forum Discussion
Joe_Rindfleisch
Nimbostratus
Aug 30, 2011
Need iRule for specific sources to specific ports going to the Same VS for Proxy LB
Access Control Based on specific sources to specific ports going to the Same VS for Proxy LB
I found "Access Control Based On Network Or Host" http://...
Joe_Rindfleisch
Nimbostratus
Sep 09, 2011
So here's what I have found out.
Host and network need to be unique. If you have a host that is able to get to multiple ports, you have to set your class like this:
class fw_tcp_rules_class {
   {
      host 10.1.1.1.2 { "192.168.1.1:3101,1111,1112,11112" }
   }
}
Here are the other problems I'm having.
1. If an IP is in the data class, it will show if it is accepting or blocking the connection.
If the IP is not in the data class, it does show in the log but doesn't show if it's blocking or allowing the connection.
2. With the wildcard virtual server, when I try to connect to a port that I'm not supposed to connect to, I'm expecting the following:
Connecting To X.X.X.X...Could not open connection to the host, on port 1101:
Connect failed.
But it looks like it opens the connection, even if it is only to the F5, and then dies. I'm concerned that a DoS could try and eat up all the ports.
I thought this was supposed to close the connection?
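An added example, not part of the original post and not the iRule the poster linked: one way to evaluate the class format shown above so that every decision is logged, including sources that are not in the class. It assumes an address-type data group named fw_tcp_rules_class whose values have the form "dest_ip:port,port,...", and a TMOS version that provides the `class match` command; the variable names and log wording are illustrative.

```tcl
# Added example (not from the thread). Assumes data group values of the
# form "dest_ip:port,port,..." as in the class shown in the post.
when CLIENT_ACCEPTED {
    set src   [IP::client_addr]
    set dst   [IP::local_addr]
    set dport [TCP::local_port]

    # Look up the source address in the class. An empty string means no
    # host or network entry matched.
    set rule [class match -value $src equals fw_tcp_rules_class]

    if { $rule eq "" } {
        # Source is not listed at all: log the decision explicitly so the
        # log never shows a connection without an ALLOW or DENY verdict.
        log local0. "DENY $src -> $dst:$dport (source not in fw_tcp_rules_class)"
        reject
        return
    }

    # Split "192.168.1.1:3101,1111" into the destination and its port list.
    set parts         [split $rule ":"]
    set allowed_dst   [lindex $parts 0]
    set allowed_ports [split [lindex $parts 1] ","]

    if { $dst eq $allowed_dst && [lsearch -exact $allowed_ports $dport] >= 0 } {
        log local0. "ALLOW $src -> $dst:$dport"
    } else {
        log local0. "DENY $src -> $dst:$dport (destination or port not permitted)"
        # reject answers the client with a TCP reset; drop would discard
        # the connection without sending anything back.
        reject
    }
}
```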