Forum Discussion
TCP::payload Help
Has anyone seen the following? When I look at the TCPdump I can see the text in the clear however when I do the TCP::collect I get the following in my log. Am I missing something or has anyone been able to look at a TDS packet from SQL and pull a string from the TCP::collect?
Here is the iRule that I have and the log file:
Jul 24 15:29:39 tmm tmm[1121]: Rule getfiled_Test : 0003 collecting at data ¾†‚€4Ó* ˜;i~êÅÈÝFcN‚&˜7DÑÐiHcÿ†/ÊÛ<>êö3�†�Ž< �™Ä²‘O~uò?Ð�-W¸D/1=j‹idªØ$wɤ8åÒáûµýD@Â×Ò“±·V$:<Š%r³Õ,¥NóU‘_8åa9Êiäy §1õÑ¢gTûBÍÖ:*}Ñ'¤jèËZòé·Ù,“¡
Jul 24 15:29:39 tmm tmm[1121]: Rule getfiled_Test : 0004 clientdata: ¾†‚€4Ó* ˜;i~êÅÈÝFcN‚&˜7DÑÐiHcÿ†/ÊÛ<>êö3�†�Ž< �™Ä²‘O~uò?Ð�-W¸D/1=j‹idªØ$wɤ8åÒáûµýD@Â×Ò“±·V$:<Š%r³Õ,¥NóU‘_8åa9Êiäy §1õÑ¢gTûBÍÖ:*}Ñ'¤jèËZòé·Ù,“¡
Jul 24 15:29:39 tmm tmm[1121]: Rule getfiled_Test : 0005 Data past InsertService
Jul 24 15:29:39 tmm tmm[1121]: Rule getfiled_Test : 0006 Set Trans_ID to:
Jul 24 15:29:39 tmm tmm[1121]: Rule getfiled_Test : 0003 collecting at data “�|82iû‚¿nFœ¶`£»¬ÐóF¶nNVŠÿEƒé×ÆZ¦îWïÓV‡(ÎËeäH©Õ)¤™ Á½¼ÎÀ ˆ|9È–DYÑœj¬÷6þ•'Ÿ×v^piÿÖgdp'rí! Pã¶Þ´©šÌªžz ÐÒœ·’At&ì"¼JuZöör‡¿o£k0(I0ÐÖ!‘ÜÇÜ®�—Ñ˼%R•‹üêˆuňúqfíº¡GnÀ«¥ì%�½í&G±Wœ·Ð³«ÃïÈ…+Â’j^ä{»—-ù€¥gËÅtömÿŸî¾²¢×D{‰ÓÕ$,|ÁÅàèH¨9éJâvL
Jul 24 15:29:39 tmm tmm[1121]: Rule getfiled_Test : 0004 clientdata: “�|82iû‚¿nFœ¶`£»¬ÐóF¶nNVŠÿEƒé×ÆZ¦îWïÓV‡(ÎËeäH©Õ)¤™ Á½¼ÎÀ ˆ|9È–DYÑœj¬÷6þ•'Ÿ×v^piÿÖgdp'rí! Pã¶Þ´©šÌªžz ÐÒœ·’At&ì"¼JuZöör‡¿o£k0(I0ÐÖ!‘ÜÇÜ®�—Ñ˼%R•‹üêˆuňúqfíº¡GnÀ«¥ì%�½í&G±Wœ·Ð³«ÃïÈ…+Â’j^ä{»—-ù€¥gËÅtömÿŸî¾²¢×D{‰ÓÕ$,|ÁÅàèH¨9éJâvL
Jul 24 15:29:39 tmm tmm[1121]: Rule getfiled_Test : 0005 Data past InsertService
Jul 24 15:29:39 tmm tmm[1121]: Rule getfiled_Test : 0006 Set Trans_ID to:
Jul 24 15:29:39 tmm tmm[1121]: Rule getfiled_Test : 0003 collecting at data exec dsp_DI_GetXMLSchema '100', '50', '071707BigIPTestTry2Test77', '1', '26'
Jul 24 15:29:39 tmm tmm[1121]: Rule getfiled_Test : 0004 clientdata: exec dsp_DI_GetXMLSchema '100', '50', '071707BigIPTestTry2Test77', '1', '26'
Jul 24 15:29:39 tmm tmm[1121]: Rule getfiled_Test : 0005 Data past InsertService
Jul 24 15:29:39 tmm tmm[1121]: Rule getfiled_Test : 0006 Set Trans_ID to:
when RULE_INIT {
log local0. "0001 iRule RealEC-iRule initialized"
}
when CLIENT_ACCEPTED {
log local0. "0002 New client connection from [IP::client_addr]:[TCP::client_port]"
TCP::collect
log local0. "0003a collecting at accepted"
}
when CLIENT_DATA {
log local0. "0003 collecting at data [TCP::payload]"
set client_data [TCP::payload]
set InsertService [findstr "InsertService" 18 100]
log local0. "0004 clientdata: $client_data"
If we see Insert Service set Persist
set trans_id [getfield $InsertService "&" 2 ]
log local0. "0005 Data past InsertService $InsertService"
log local0. "0006 Set Trans_ID to: $trans_id"
if { $trans_id != "" } {
persist uie $trans_id 60
log local0. "Persisting $trans_d to [persist lookup uie $trans_id]"
}
TCP::release
TCP::collect
}
when LB_SELECTED {
After logic is run and server is selected, log which one
log local0. "Selected server [LB::server]"
}
1 Reply
- Very strange. And you say that when you do a dump, it comes through in cleartext? Where are you doing the dump? Have you tried doing the dump on the client interface of the BIG-IP?
Colin
