For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Chris_Phillips's avatar
Chris_Phillips
Icon for Nimbostratus rankNimbostratus
Sep 23, 2007

tcp connection logging at maximum demarcation points

Hi,     following on from the general principles in this codeshare     http://devcentral.f5.com/wiki/default.aspx/iRules/LogHttpTcpUdpToSyslogng.html     how acan this be expanded fu...
application delivery
dev
devops
iRules
Deb_Allen_18's avatar
Deb_Allen_18
Historic F5 Account
Sep 25, 2007
Hi Chris--

 

 

We really have no way in iRules to differentiate between the different types of close that might take place on a connection: RST, FIN, timeout all look the same inside of iRules.

 

 

Calculating how much data is transfered would definitely be possible, although you'd be introducing latency to each connection & adding system overhead by collecting in both directions and doing the math.

 

 

I think GUI control of the syslog config would be a good add to the product. I'd say definitely open a case and request a CR or Feature Request for that functionality or to be linked to any existing CR requesting it.

 

 

HTH

 

/deb