NimbostratusDuplicate SMTP traffic for SMTP dlp testing
Hi all,
It will be great to have your mind to get any direction how to make it happen.
I have a VS that forward SMTP traffic to a pool, the VS is standard with TCP profile.
In order to test a new DLP mail relay i want all the traffic that coming to the VS will be send also to the new mail relay but i need the new mail relay to think he is the destination of the traffic in L3 and not only in L2 and it means i cant use the clone pool command in irule or through the VS clone settings.
I try to get it work with sideband connection but still have issues to get it work.
Any idea how to get my goal?
Here is the last irule i tested:
when CLIENT_ACCEPTED {
log local0.debug "SMTP::client accepted event"
TCP::collect
}
when CLIENT_DATA {
set len [TCP::payload length]
log local0.debug "SMTP::client data len : ($len)"
log local0.debug "SMTP::payload is: [TCP::payload 15]"
set conn [connect -timeout 300 -idle 30 -status conn_status X.X.X.X:25]
log local0.debug "SMTP::conn $conn "
if {$conn eq ""} then {
log local0.debug "SMTP::conn FAILED"
TCP::release
return
}
set conn_info [connect info -idle -status $conn]
log local0.debug "SMTP::con info $conn_info"
set send_info [send -timeout 300 -status send_status $conn [TCP::payload]]
log local0.debug "SMTP::send info $send_info"
set recv_data [recv -timeout 300 -status recv_status $conn]
log local0.debug "SMTP::recieved $recv_data"
close $conn
TCP::release
}
My tests are telnet to the vs and i want to get the VS pool member mail relay prompt in the cli but it doesnt work :(
Hope i manage to explain my need and issue, any help will be appreciated :)
