Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Chung_Yu's avatar
Chung_Yu
Icon for Nimbostratus rankNimbostratus
Jul 23, 2019

Postman GET request to see the full config on F5

Hi   I am new to the DEVOPS world and did a few labs on the F5 university. I want to build a library of F5 VS configs - but all the examples on line show base config with no customization like TC...
devops
iControlREST
Satoshi_Toyosa1's avatar
Satoshi_Toyosa1
Ret. Employee
Jul 25, 2019

Dario's solution is great and handy, however, you may experience timeout when the configuration is large. If you encounter the timeout error (check the /var/log/restjavad.x.conf log file on the target box), you may want to try the following alternative method - generating and downloading an scf file (see K13408 for details). It involves multiple steps, but it works for a larger file.

Step 1) Check if you can generate a file under the /shared/images directory

curl -sku admin:<passwd> -X GET -H "Content-type: application/json" https://<host>/mgmt/tm/sys/global-settings?\$select=fileBlacklistPathPrefix > blacklist

The above is equivalent to 'tmsh list sys global-settings'. If the output contains {/shared/images}, you cannot create a file under the directory, which is the location for iControl REST file download. Remove {/shared/images} from the output (the file 'blacklist' in the above examply). Modify ('tmsh modify sys global-settings ...') the settings.

# curl -sku admin:<passwd> -X PATCH -H "Content-type: application/json" https://<host>/mgmt/tm/sys/global-settings -d@blacklist 

Step 2) Generate an scf file under /shared/images.

The following call is equivalent to 'tmsh save sys scf /shared/images/file.scf no-passphrase'.

curl -sku admin:<passwd> -X POST -H "Content-Type: application/json" https://<host>/mgmt/tm/sys/config -d '{"command":"save", "options":[ {"file":"/shared/images/file.scf", "no-passphrase":""} ] }'

Two files, file.scf and file.scf.tar, are generated under /shared/images on the target BIG-IP box.

Step 3) Find the size of the file

You need to know the size of the file before downloading. The following call is equivalent to 'tmsh run util unix-ls /shared/images'.

curl -sku admin:<passwd> -X POST -H "Content-Type: application/json" https://<host>/mgmt/tm/util/unix-ls -d '{"command":"run", "utilCmdArgs":"-l /shared/images"}'

Step 5) Download the scf file.

curl -sku admin:<passwd> -H "Content-Type: application/octet-stream" -H "Content-Range: 0-47215/47216" https://<host>/mgmt/cm/autodeploy/software-image-downloads/file.scf  -o local.scf

In the above example, the file size is assumed 47216 bytes (from Step 4).

The maximum size of file you can download via iControl REST is 1 MB. When the file is larger, you need to chunk (split) iit and call the download multiple times. e.g., For a 2,100,000 bytes file, you need to call it three times by specifying the different part of the file (0 to 999,999, 1,000,000 to 1,999,999 and 2,000,000 to 2,099,999) and join them together.

curl -sku admin:<passwd> -H "Content-Type: application/octet-stream" -H "Content-Range: 0-999999/2100000" https://<host>/mgmt/cm/autodeploy/software-image-downloads/file.scf -o local1.scf
curl -sku admin:<passwd> -H "Content-Type: application/octet-stream" -H "Content-Range: 1000000-1999999/2100000"https://<host>/mgmt/cm/autodeploy/software-image-downloads/file.scf -o local2.scf
curl -sku admin:<passwd>  -H "Content-Type: application/octet-stream" -H "Content-Range: 2000000-2099999/2100000" https://<host>/mgmt/cm/autodeploy/software-image-downloads/file.scf -o local3.scf
cat local1.scf local2.scf local3.scf > local.scf 

Please refer to Demystifying iControl REST Part 5: Transferring Files: It describes more on iControl REST download and upload.