Forum Discussion
nitass
Oct 13, 2011Employee
1. i got the connection was reset page.
2. yes, i think so.
[root@iris:Active] config b virtual bar list
virtual bar {
snat automap
pool foo
destination 172.28.17.33:http
ip protocol tcp
rules myrule
}
[root@iris:Active] config b rule myrule list
rule myrule {
when CLIENT_ACCEPTED {
log local0. "before reject command"
reject
log local0. "after reject command"
}
}
[root@iris:Active] config tcpdump -nni 0.0 port 80
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on 0.0, link-type EN10MB (Ethernet), capture size 108 bytes
12:35:41.495068 IP 192.168.206.102.50844 > 172.28.17.33.80: S 3555768222:3555768222(0) win 8192
12:35:41.495126 IP 172.28.17.33.80 > 192.168.206.102.50844: S 3902321246:3902321246(0) ack 3555768223 win 3780
12:35:41.495407 IP 192.168.206.102.50844 > 172.28.17.33.80: . ack 1 win 16695
12:35:41.495482 IP 172.28.17.33.80 > 192.168.206.102.50844: R 1:1(0) ack 1 win 3780
12:35:41.496673 IP 192.168.206.102.50845 > 172.28.17.33.80: S 813505315:813505315(0) win 8192
12:35:41.496708 IP 172.28.17.33.80 > 192.168.206.102.50845: S 370932803:370932803(0) ack 813505316 win 3780
12:35:41.497102 IP 192.168.206.102.50845 > 172.28.17.33.80: . ack 1 win 16695
12:35:41.497183 IP 172.28.17.33.80 > 192.168.206.102.50845: R 1:1(0) ack 1 win 3780
12:35:41.497376 IP 192.168.206.102.50845 > 172.28.17.33.80: P 1:369(368) ack 1 win 16695
12:35:41.497393 IP 172.28.17.33.80 > 192.168.206.102.50845: R 1:1(0) ack 369 win 0
10 packets captured
10 packets received by filter
0 packets dropped by kernel
[root@iris:Active] config tail -f /var/log/ltm
Oct 13 12:35:29 local/tmm notice tmm[4601]: 013e0001:5: Tcpdump starting bcast on :::0 from 127.1.1.1:44469
Oct 13 12:35:41 local/tmm info tmm[4601]: Rule myrule : before reject command
Oct 13 12:35:41 local/tmm info tmm[4601]: Rule myrule : after reject command
Oct 13 12:35:41 local/tmm info tmm[4601]: Rule myrule : before reject command
Oct 13 12:35:41 local/tmm info tmm[4601]: Rule myrule : after reject command
Oct 13 12:35:47 local/tmm notice tmm[4601]: 013e0002:5: Tcpdump stopping on 127.1.1.2:1030 from 127.1.1.1:44469