Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

iRule Security 101 - #07 - FTP Proxy

We get questions all the time about custom application protocols and how one would go about writing an iRule to "understand" what's going on with that protocol.  In this article, I will look at the F...
Published Nov 14, 2007
Version 1.0
101
basic
big-ip
dev
getting started
news
security
tech tip
Kirk_Bauer_1018's avatar
Kirk_Bauer_1018
Icon for Altostratus rankAltostratus
Oct 31, 2008
This rule doesn't work on my 9.4.5 HF2 box. Basically, because it does a TCP::collect and immediately a TCP::release in the CLIENT_ACCEPTED block, the CLIENT_DATA event is never triggered (it only logs data coming from the server). But if you don't do a TCP::release in CLIENT_ACCEPTED then the rule will hang because the client doesn't send data until it gets the banner from the server.