Forum Discussion
NimbostratusTrying to log HTTPS explicit proxy
So I am using Brett Smith's explicit proxy iApp, and trying to log traffic going through the VS created using the following iRule
when HTTP_REQUEST {
log local0.info "HTTP::method: [HTTP::method]: HTTP::request : [HTTP::request]; CONNECTFROM [IP::client_addr]"
}
I can only log http requests, and not https in the LTM logs. Anyone have any idea what changes to the iRule I need to make to log the https traffic?
2 Replies
I'm not familiar with that iApp template. Does it include the SSL forward proxy feature? You'll need to use that to decrypt outbound SSL.
We have an iApp specifically for transparent/explicit SSL forward proxy (with AAM acceleration for SaaS apps):
https://devcentral.f5.com/codeshare/ssl-forward-proxy-with-web-acceleration-iapp-template
Hannes_RappHello,
This iRule is suitable for both - HTTP as well as for HTTPS. The criteria for use is that in case of HTTPS, F5 has to decrypt clientside traffic flow so that the HTTP headers can be inspected. It does not matter if you attach this particular iRule to a HTTP or HTTPS Virtual Server, but in case of HTTPS you must also assign a clientssl profile.
There are no workarounds here, two functions in your iRule require that the clientside traffic flow must be decrypted:
and[HTTP::method]
. The[HTTP::request]
function is the only one which can be used in case of encrypted traffic flow.[IP::client_addr]
