Automating Packet Captures on BIG-IP

How many times have you had to log in to BIG-IP, copy/paste the tcpdump commands in, look at the file name, scp the file down or away, then rinse/repeat with other key files or re-capture something...
Published Apr 25, 2022
Version 1.0
devops
iRules
tcpdump
tls
Juergen_Mang's avatar
Juergen_Mang
Icon for MVP rankMVP
May 20, 2022

I have already scripted a utility here to automatically extract the pre master secrets from a tcpdump with enabled f5 sslprovider. The pre master secret file can then be used with whireshark to do the decrpytion. Decryption works with all ssl versions including tls 1.3 any any number of tcp streams.

If there is any interesst, I can share it with the community.