I am not an expert. Anyway, it is fun to write iRules, so I never mind doing it if I can. However, in some cases it is difficult, or I am not able to test it out. I prefer testing an iRule before giving it out.
e.g.
[root@ve10:Active] config b virtual bar list
virtual bar {
snat automap
pool foo
destination 172.28.19.79:443
ip protocol 6
rules myrule
profiles {
clientssl {
clientside
}
http {}
tcp {}
}
}
[root@ve10:Active] config b rule myrule list
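rule myrule {
    # Remember the cipher negotiated for each SSL session id, so that a
    # resumed session which negotiates a different cipher can be detected
    # and rejected.
    when RULE_INIT {
        # Idle timeout (seconds) for entries in the session-id -> cipher table.
        set static::tabletimeout 3600
    }
    when CLIENT_ACCEPTED {
        log local0. "[IP::client_addr]:[TCP::client_port] is connecting"
    }
    when CLIENTSSL_HANDSHAKE {
        set sid "[SSL::sessionid]"
        set cp "[SSL::cipher name]"
        log local0. "sessionid is $sid"
        log local0. "cipher is $cp"
        # Look the session id up once and reuse the value for both checks.
        set known_cp [table lookup $sid]
        if {$known_cp ne ""} {
            if {$known_cp ne $cp} {
                # Resumed session with a different cipher: reject the connection
                # and stop processing this event, so that the "identical"
                # message below is not logged for the same handshake.
                log local0. "resume ssl session but cipher is different"
                reject
                return
            }
            log local0. "resume ssl session and cipher is identical"
        } else {
            # First time this session id is seen: record its cipher.
            log local0. "new ssl session"
            table set $sid $cp $static::tabletimeout indefinite
        }
    }
}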
/var/log/ltm
Jul 3 23:31:03 local/tmm info tmm[5111]: Rule myrule : 192.168.206.55:51112 is connecting
Jul 3 23:31:03 local/tmm info tmm[5111]: Rule myrule : sessionid is 80f1024444a55cd8189cffe6ca7e7c18decbac0776a4c09e1b762accc8e86974
Jul 3 23:31:03 local/tmm info tmm[5111]: Rule myrule : cipher is RC4-SHA
Jul 3 23:31:03 local/tmm info tmm[5111]: Rule myrule : resume ssl session and cipher is identical