what iRule event would be triggered by Non-TCP/non-UDP/non-SCTP protocol?

Hi there,

I don't know the exact answer, but I believe CLIENT_ACCEPTED is only triggered when a "connection" is added to the connection table. In a quick test on 9.4.5HF2, ICMP through a fastL4 VIP did generate a connection table entry and did trigger the CLIENT_ACCEPTED event. I'm not sure how other protocols are handled, but it looks somewhat promising for you.

Have you tried testing other protocols and seen an issue?

   
   virtual forwarding_vs {   
      snatpool snat_pool   
      pool live_gateway_pool   
      destination any:any   
      mask none   
      rules fastl4_logging_rule   
      profiles loose_open_close_fastl4   
   }   
   profile fastL4 loose_open_close_fastl4 {   
      defaults from fastL4   
      idle timeout 7200   
      loose initiation enable   
      loose close enable   
   }   
   rule fastl4_logging_rule {   
      when CLIENT_ACCEPTED {   
       Get time for start of connection in milleseconds   
      set tcp_start_time [clock clicks -milliseconds]   
      
       Log the start of a new TCP connection   
      log local0. "New connection from [IP::client_addr]:[TCP::client_port] to [IP::local_addr]:[TCP::local_port]"   
   }   
   when CLIENT_CLOSED {   
       Log the end time of the TCP connection   
      log "Closed connection from [IP::client_addr]:[TCP::client_port] to [IP::local_addr]:[TCP::local_port]\ 
         (open for: [expr [clock clicks -milliseconds] - $tcp_start_time]ms)"   
   }   
   }   
   

The connection table entry:

VIRTUAL any:any <-> NODE 100.100.100.100:8 TYPE any

CLIENTSIDE 10.0.0.1:22143 <-> 100.100.100.100:8

(pkts,bits) in = (6, 588) out = (0, 0)

SERVERSIDE 10.1.0.61:22143 <-> 100.100.100.100:8

(pkts,bits) in = (0, 0) out = (6, 588)

PROTOCOL icmp UNIT 1 IDLE 302 (7200) LASTHOP 4094 00:01:d7:00:00:0f

Log output:

Rule fastl4_logging_rule : New connection from 10.0.0.1:22143 to 100.100.100.100:8

Aaron