Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

irule logging question

Go to solution
Brandon
Cirrostratus
Cirrostratus

‎19-Jan-2023 18:44

I would like the ability to log the IPs that are dropped. 

 

 

when FLOW_INIT {
set ipaddr [IP::client_addr]
set fromCountry [whereis $ipaddr country]
if { (not[class match $fromCountry equals AnyConnect_VPN_PermitCountryCode_DataGroup] )} {

set vsname [virtual]

 

# log local0.notice 

drop

}

}

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
mihaic
MVP
MVP

‎19-Jan-2023 22:20 - edited ‎19-Jan-2023 22:22

Have you tried something like this:

log local0.notice "Denied IP on VIP $vsname : $ipaddr"

 

View solution in original post

0 Kudos
3 REPLIES 3

Go to solution
mihaic
MVP
MVP

‎19-Jan-2023 22:20 - edited ‎19-Jan-2023 22:22

Have you tried something like this:

log local0.notice "Denied IP on VIP $vsname : $ipaddr"

 

0 Kudos

Go to solution
Brandon
Cirrostratus
Cirrostratus
In response to mihaic

‎27-Jan-2023 05:29

thank you works great

0 Kudos

Go to solution
JamesCorreia
Nimbostratus
Nimbostratus

‎27-Jan-2023 00:14

Thanks, I will try it.

.
0 Kudos
Copyright © 2023 Khoros, LLC