iRule to stop SSLv3 connections
The iRule below, written by my team, will stop all SSLv3 connections. If you are not using the SSL termination capabilities of your BIG-IP and are instead doing TCP load balancing, then the iRule will ...
Updated Mar 18, 2022
Version 2.0, by Jeff_Costlow_10
ccna55_14039, Oct 24, 2014
As requested, here is the script I used.
I give Jeff all the credit for this; I just took his script and modified it for my own usage.
I have tested this successfully on many VIPs, as I mentioned, with or without SSL offloading.
The issue you will have is that this is all happening at Layer 4, so there is no way (that I have found yet) to alert the client to
why you rejected or dropped them.
Here is the modified script I used.
Name: Block-SSLV3-and-Lower2-TCPLayer
Description: This iRule will reject any attempt to connect using
an SSL3 or lower client.
This is at the TCP layer, so you can't send an HTML page back to the user.
This will work for both types of connections, ssl-offload and no ssl-offload.
It just needs to use the TCP profile.
when CLIENT_ACCEPTED {
    # Record type (1 byte) plus protocol version (2 bytes) is all that is needed to decide
    set Collect_Len 3
    TCP::collect $Collect_Len
}
when CLIENT_DATA {
    set Buf_Len [TCP::offset]
    if { $Buf_Len < 3 } {
        # Not enough data yet: ask for the remainder and wait for the next CLIENT_DATA
        incr Collect_Len -$Buf_Len
        TCP::collect $Collect_Len
        return
    }
    # c = signed 8-bit record type, S = signed big-endian 16-bit version field.
    # SSLv3 is 0x0300 = 768, TLS 1.0 is 0x0301 = 769, so "<= 768" means SSLv3 or lower.
    binary scan [TCP::payload] cS Rec_Type Version
    if { $Rec_Type < 0 } {
        # High bit set in the first byte: SSLv2-format ClientHello (2-byte length, then 0x01).
        # Bytes 1-2 are a length and a message type here, not a version, so the numeric
        # check below would let such a hello through; v2 framing is treated as legacy.
        log local0.notice "Rejecting SSLv2-format ClientHello from [IP::client_addr] to [IP::local_addr]"
        reject
    } elseif { $Version <= 768 } {
        log local0.notice "Rejecting SSLv3 or lower connection attempts from [IP::client_addr] to [IP::local_addr]"
        reject
    } else {
        # Acceptable version: hand the buffered bytes back to normal processing
        TCP::release
    }
}
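As an added example (not part of this post or of Jeff's iRule), here is an offline Python model of the same three-byte decision, run against constructed ClientHello prefixes rather than real client traffic. `irule_decision` mirrors the posted `binary scan ... cS` exactly (signed byte, signed big-endian 16-bit version, compare against 768); `hardened_decision` is an assumed extension that also catches the SSLv2-format ClientHello, whose first byte has the high bit set and whose bytes 1-2 are a length and message type rather than a version. The sample names and helper functions are this example's own.

```python
"""Offline model of 'block SSLv3 and lower at layer 4'.

Sample payloads below are constructed for the example, not captured from
a real client.
"""
from __future__ import annotations

import struct

SSL3_VERSION = 0x0300   # 768 decimal: the threshold the iRule compares against
TLS_HANDSHAKE = 0x16    # content type of a TLS / SSLv3 handshake record
COLLECT_LEN = 3         # bytes the iRule collects before deciding


def tls_record_prefix(version: int, body: bytes = b"\x01") -> bytes:
    """Constructed sample: record header (type, version, length) plus a body."""
    return struct.pack("!BHH", TLS_HANDSHAKE, version, len(body)) + body


def sslv2_client_hello_prefix(offered_version: int, body_len: int = 0x2E) -> bytes:
    """Constructed sample: SSLv2-format ClientHello.

    Two-byte length with the high bit set, then message type 0x01, then the
    version the client offers (old clients used v2 framing to offer SSLv3).
    """
    return struct.pack("!HBH", 0x8000 | body_len, 0x01, offered_version)


def irule_decision(payload: bytes) -> str:
    """Mirror of the posted iRule: 'cS' reads a signed byte and a signed
    big-endian 16-bit value, and only the version field is compared."""
    if len(payload) < COLLECT_LEN:
        return "need_more"
    _rec_type, version = struct.unpack("!bh", payload[:COLLECT_LEN])
    return "reject" if version <= SSL3_VERSION else "release"


def hardened_decision(payload: bytes) -> tuple[str, str]:
    """Same threshold plus the SSLv2-format case (assumed extension, not
    part of the posted iRule). Returns (decision, reason)."""
    if len(payload) < COLLECT_LEN:
        return "need_more", f"{len(payload)} of {COLLECT_LEN} bytes collected"
    first = payload[0]
    if first & 0x80:
        # Bytes 1-2 are length-low and 0x01 here, not a version, so the
        # numeric comparison says nothing; the framing itself is SSLv2.
        return "reject", "SSLv2-format ClientHello"
    (version,) = struct.unpack("!H", payload[1:COLLECT_LEN])
    if version <= SSL3_VERSION:
        return "reject", f"version 0x{version:04x} is SSLv3 or lower (record type 0x{first:02x})"
    return "release", f"version 0x{version:04x} (record type 0x{first:02x})"


# Constructed inputs covering the cases the iRule sees on the wire.
SAMPLES = {
    "sslv3": tls_record_prefix(0x0300),
    "tls10": tls_record_prefix(0x0301),
    "tls12": tls_record_prefix(0x0303),
    "sslv2_hello_offering_sslv3": sslv2_client_hello_prefix(0x0300),
    "short_read": b"\x16",
}


def run_all() -> dict[str, tuple[str, str]]:
    """(posted-iRule decision, hardened decision) for every sample."""
    return {name: (irule_decision(p), hardened_decision(p)[0]) for name, p in SAMPLES.items()}


if __name__ == "__main__":
    for name, (orig, hard) in run_all().items():
        print(f"{name:28s} iRule={orig:9s} hardened={hard:9s} {hardened_decision(SAMPLES[name])[1]}")
```

The one row where the two columns differ is the SSLv2-format hello: its bytes 1-2 decode as 0x2e01 (11777), which is above 768, so the posted iRule releases it even though the client is offering SSLv3. The short-read case shows why the iRule re-collects before scanning.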