Forum Discussion
Yugandhar
Nimbostratus
Aug 07, 2020
iRule to Log TLS Version and HTTP Host and URI
Hi, Created the following iRule to log the TLS ver info and HTTP Host and URI Details. ========================================== when CLIENTSSL_HANDSHAKE { if { [SSL:...
Aug 07, 2020
Hi Yugandhar,
[SSL::cipher version] : Returns the current SSL cipher version using the format of the OpenSSL SSL_CIPHER_get_version() function (e.g. “SSLv2”, “SSLv3”, “TLSv1”, “TLSv1.1”, “TLSv1.2”).
REF: https://clouddocs.f5.com/api/irules/SSL__cipher.html
    when CLIENTSSL_HANDSHAKE {
        # Only flag connections that negotiated TLSv1, TLSv1.1 or TLSv1.2
        if { [SSL::cipher version] equals "TLSv1" || [SSL::cipher version] equals "TLSv1.1" || [SSL::cipher version] equals "TLSv1.2" } {
            set FLAG 1
            # Underscore, not hyphen: Tcl would parse $TLS-VER as $TLS followed by "-VER"
            set TLS_VER [SSL::cipher version]
        } else {
            set FLAG 0
        }
    }
    when HTTP_REQUEST {
        if { $FLAG } {
            set VIP [IP::local_addr]:[TCP::local_port]
            set CLIENT [IP::client_addr]:[TCP::client_port]
            set URL [HTTP::host][HTTP::uri]
            log local0. "Client ($CLIENT) connected to the VIP ($VIP) for $URL using $TLS_VER"
        }
    }
You don't need the CLIENTSSL_HANDSHAKE event in the iRule:
    when HTTP_REQUEST {
        # Underscore, not hyphen: Tcl would parse $TLS-VER as $TLS followed by "-VER"
        set TLS_VER [SSL::cipher version]
        set VIP [IP::local_addr]:[TCP::local_port]
        set CLIENT [IP::client_addr]:[TCP::client_port]
        set URL [HTTP::host][HTTP::uri]
        log local0. "Client ($CLIENT) connected to the VIP ($VIP) for $URL using $TLS_VER"
    }
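An added example, not part of the original posts: a Python script that parses the message these iRules log and reports which clients still negotiate SSLv2, SSLv3, TLSv1 or TLSv1.1, and for which URLs. The syslog prefix, rule name, addresses and hostnames in the sample lines are constructed, and the function names are hypothetical; only the "Client (...) connected to the VIP (...) for ... using ..." text comes from the iRule above.

```python
import re
from collections import Counter, defaultdict

# Matches only the message text produced by the iRule's log command, so any
# syslog prefix in front of it is ignored.
LINE_RE = re.compile(
    r"Client \((?P<client>\S+)\) connected to the VIP \((?P<vip>\S+)\) "
    r"for (?P<url>\S*) using (?P<tls>\S+)\s*$"
)

# Protocol versions to flag; strings follow the SSL::cipher version format.
LEGACY = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}


def parse_line(line):
    """Return a dict of fields for one log line, or None if it does not match."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    # The iRule logs addr:port; split on the LAST colon so IPv6 stays intact.
    rec["client_ip"] = rec["client"].rsplit(":", 1)[0]
    return rec


def summarize(lines):
    """Count connections per TLS version and map legacy clients to their URLs."""
    versions = Counter()
    legacy = defaultdict(set)
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # unrelated log entry
        versions[rec["tls"]] += 1
        if rec["tls"] in LEGACY:
            legacy[rec["client_ip"]].add(rec["url"])
    return versions, {ip: sorted(urls) for ip, urls in legacy.items()}


# Constructed sample lines (prefix and values are made up for illustration).
PREFIX = "Aug  7 10:15:01 bigip1 info tmm[1234]: Rule /Common/log_tls <HTTP_REQUEST>: "
SAMPLE = [
    PREFIX + "Client (10.0.0.5:51514) connected to the VIP (192.0.2.10:443) for www.example.com/ using TLSv1.2",
    PREFIX + "Client (10.0.0.9:40022) connected to the VIP (192.0.2.10:443) for www.example.com/login using TLSv1",
    PREFIX + "Client (2001:db8::7:55000) connected to the VIP (192.0.2.10:443) for api.example.com/v1/status using TLSv1.1",
    PREFIX + "Client (10.0.0.9:40030) connected to the VIP (192.0.2.10:443) for www.example.com/account using TLSv1",
    "Aug  7 10:15:02 bigip1 notice mcpd[5678]: unrelated constructed message",
]

if __name__ == "__main__":
    counts, legacy_clients = summarize(SAMPLE)
    print(dict(counts))
    for ip, urls in legacy_clients.items():
        print(ip, urls)
```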