Forum Discussion
Tcpdump with f5-- ssl flag
hello,
i am not able to cupture trafic with tcpdump --f5 ssl :
[root@BIGIP1:Peer Time Out of Sync:Changes Pending] config # tmsh modify sys db tcpdump.sslprovider value enable
[root@BIGIP1:Peer Time Out of Sync:Changes Pending] config # tmsh modify sys db log.ssl.level value Debug
[root@BIGIP1:Peer Time Out of Sync:Changes Pending] config #
[root@BIGIP1:Peer Time Out of Sync:Changes Pending] config #
[root@BIGIP1:Peer Time Out of Sync:Changes Pending] config #
[root@BIGIP1:Peer Time Out of Sync:Changes Pending] config # tcpdump -s0 -ni 0.0:nnnp -w /var/tmp/"$HOSTNAME"_working_"$(date +%d-%m-%y)".pcap --f5 ssl -vv host 105.65.6.7
tcpdump: WARNING: The "ssl" option is disabled. The "ssl" option cannot be used in Common Criteria mode. Common Criteria mode is controlled by the DB variable security.commoncriteria.
have you any idea please?
Hi Hamza,
If "sys db security.commoncriteria" value is true, you will get this warning.
tmsh list sys db security.commoncriteria
You need to change the value to false. The change will require reboot.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com