Ken-Dawg
Sep 22, 2022

what's wrong with my syntax in this iRule?

I want to write an iRule to key on a source IP and log the pre-shared master keys: when CLIENT_ACCEPTED { if { [IP::addr [IP::client_addr] equals 10.10.10.10] } { when CLIENTSSL_HANDSHAKE { log ...
  • Kevin_Stewart
    Sep 22, 2022

    Can't have iRule events nested inside other events.

     

    when CLIENTSSL_HANDSHAKE {
        if { [IP::addr [IP::client_addr] equals 10.10.10.10] } {
            log local0. "[TCP::client_port] :: RSA Session-ID:[SSL::sessionid] Master-Key:[SSL::sessionsecret]"
        }
    }
    
    when SERVERSSL_HANDSHAKE {
        if { [IP::addr [IP::client_addr] equals 10.10.10.10] } {
            log local0. "[TCP::client_port] :: RSA Session-ID:[SSL::sessionid] Master-Key:[SSL::sessionsecret]"
        }
    }

     

  • Kevin_Stewart
    Sep 22, 2022

    Just do this in the server side event to see what the client IP is:

    when SERVERSSL_HANDSHAKE {
        log local0. "client IP: [IP::client_addr]"
        if { [IP::addr [IP::client_addr] equals 10.10.10.10] } {
            log local0. "[TCP::client_port] :: RSA Session-ID:[SSL::sessionid] Master-Key:[SSL::sessionsecret]"
        }
    }
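
Added example, not part of the thread and not code from either poster: the question's approach of deciding on the source IP in CLIENT_ACCEPTED, written without nesting events. The variable name `log_keys` is hypothetical, and the example assumes the usual iRule behaviour that a variable set in one event is visible to later events of the same connection.

```tcl
# Added example; log_keys is a hypothetical variable name.
when CLIENT_ACCEPTED {
    # Evaluate the source-IP match once per connection. Events cannot be
    # nested, so the result is carried to the handshake events in a
    # connection-scoped variable (1 on match, 0 otherwise).
    set log_keys [IP::addr [IP::client_addr] equals 10.10.10.10]
}

when CLIENTSSL_HANDSHAKE {
    # Client-side TLS session: log only for the selected source IP.
    if { $log_keys } {
        log local0. "[TCP::client_port] :: RSA Session-ID:[SSL::sessionid] Master-Key:[SSL::sessionsecret]"
    }
}

when SERVERSSL_HANDSHAKE {
    # Server-side TLS session of the same connection, same condition.
    if { $log_keys } {
        log local0. "[TCP::client_port] :: RSA Session-ID:[SSL::sessionid] Master-Key:[SSL::sessionsecret]"
    }
}
# The logged lines contain session master secrets: anyone who can read the
# log can decrypt captures of those sessions, so keep the source-IP filter
# narrow and detach the iRule once the capture is done.
```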