Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description Replacement for the string first command to handle Unicode characters Problem solved by this Code Snippet There is a bug ID 999881 which cau...
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description This script will allow you to update your BIG-IP system syslog configs, just add hosts to the host list variable and it will iterate through...
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description A question was asked on how you filter which virtuals might have clientside/serverside profiles, or ssl without profiles as passthrough. The...
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description (From Author @Torijori_Yamamada this post in Technical Forum) I've needed an iRule to read query & query-type from dns packets and send them...
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description Uses cert-manager in Kubernetes to maintain Let's Encrypt signed management certificates on F5 devices. Problem solved by this Code Snippe...
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’.Short DescriptionPerform autonomous F5 LTM upgrades with pythonUsing a single python script to Automate F5 LTM's deployed as a High Available PairProblem solve...
I will share my script to decrypt TLS on the F5 v15+. You do not need to change any TLS oder cipher settings, have access to private keys or add special iRules. It should work out of the box with all TLS versions.It uses the information that the tcpd...
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description This script adds a cli tool (in python) to quickly look up autonomous systems by number or name. Problem solved by this Code Snippet Not a p...
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description iApp to simplify deployment of spring4shell Problem solved by this Code Snippet My friend and colleague Ismael wrote a useful iRule to miti...
One week ago, on 27. April 2022, the IETF has published RFC 9116 describing the security.txt file. The purpose of this file is to aid in responsible disclosure, a process that allows security researchers to safely report vulnerabilities. The file sh...
Hi there, On March 30, 2022, a remote code execution (RCE) vulnerability was found in the Java Spring Framework, identified by the CVE 2022-22965. I am sharing an example iRule to assist with mitigation of this CVE. This may require further customiz...
The backup script is executed from the BIG-IP device and the UCS file created is copied to a remote SCP server. After the file has been copied, it is deleted locally. All the backup steps are logged to the local syslog. https://github.com/pedrorourem...
SNI (Server Name Indication) is an extension of the TLS protocol that is used by the client to indicate the hostname it is attempting to connect to at the start of the SSL handshake. In the case of the BIG-IP the SNI can be used to select which cli...
I wrote a small Python script to export all AWAF policies from a BIG-IP device.The script leverages BIG-IP iControl REST API to export ALL AWAF policies in the system and saves them locally. The policies can be exported in the following formats: xml,...
Problem this snippet solves:iRule that helps to mitigate the Log4j vulnerability with use of public available IOCs. Currently the following IOCs can be used:cert-agid.gov.it (Contains scan IP's): https://cert-agid.gov.it/download/log4shell-iocs.txtNL...
Problem this snippet solves:This is a simple cli script used to collect all the virtual-servers name, its destination created in a server or ltm server. A sample output would be like below,How to use this snippet:This is similar to my other share - h...
Problem this snippet solves: There is a CVE released related to Apache log4j, which could be a vulnerability on a server located behind the BIG-IP. F5 SIRT have helpfully created an iRule to mitigate this vulnerability, this is an iApp to simplify cr...
Problem this snippet solves:Sample Request:https://x.x.x.x/abcdefgh-ijkl-mnop-qrst-0123456789#value=%22I%20am%20the%20one%22&name=%22Mike%22&p=%220f2fd14389da8d85fbd215c789f7f7d5%22Requirement:Extract Account ID from request URI such as ‘abcdefgh-ijk...
Problem this snippet solves:How to create a VoltMesh node inside an existing VPC. The VoltMesh node will be a two interfaces node and so could be used as both an ingress or egress gateway for the VPC.How to use this snippet:Pre-Requirements:Get and c...
Problem this snippet solves:How to create an HTTPS Origin that could be used in a VoltMesh HTTP or HTTPS Load-Balancer.This Origin is based on a public IP.How to use this snippet:Pre-requirements:Have a Volterra API Certificate. Please see this page ...
