Forum Discussion

Brandon's avatar
Brandon
Icon for Cirrostratus rankCirrostratus
Jan 20, 2023
Solved

irule logging question

I would like the ability to log the IPs that are dropped. 

 

 

when FLOW_INIT {
set ipaddr [IP::client_addr]
set fromCountry [whereis $ipaddr country]
if { (not[class match $fromCountry equals AnyConnect_VPN_PermitCountryCode_DataGroup] )} {

set vsname [virtual]

 

# log local0.notice 

drop

}

}

  • Have you tried something like this:

    log local0.notice "Denied IP on VIP $vsname : $ipaddr"