SSL Renegotiation DOS iRule - Updates
There’s been a lot of commentary on the previous post (SSL Renegotiation DOS – an iRule Countermeasure). Here are some of the updates and corrections. After the previous post went live, Jorge Or...
Published May 16, 2011
Version 1.0
David_Holmes_12
Historic F5 Account
Joined December 19, 2012
Steven_87308
Oct 15, 2013
Nimbostratus
We were trying to test this today and got a bit stuck. Is there an easy way to trigger, say, 100 https sessions in a row? And where would the log be found -- can we specify the name? We were looking in /var/logs, but didn't see it show up in existing logs as we tried to trigger a test.
We began analyzing this today, for we suddenly began to get these messages in the GUI, constantly from the original version of the rule...
Mon Oct 14 13:05:15 CDT 2013 err LTM tmm[11044] 01220001 TCL error: /Common/irule_SSLRenegotiationDOSCountermeasure - can't read "flow": no such variable while executing "table delete -subtable reqrate:$flow -all"
Mon Oct 14 13:05:17 CDT 2013 err LTM tmm1[11044] 01220001 TCL error: /Common/irule_SSLRenegotiationDOSCountermeasure - no serverside connection established (line 1) invoked from within "IP::server_addr"