10-Apr-2023 09:13
hello,
i am not able to cupture trafic with tcpdump --f5 ssl :
[root@BIGIP1:Peer Time Out of Sync:Changes Pending] config # tmsh modify sys db tcpdump.sslprovider value enable
[root@BIGIP1:Peer Time Out of Sync:Changes Pending] config # tmsh modify sys db log.ssl.level value Debug
[root@BIGIP1:Peer Time Out of Sync:Changes Pending] config #
[root@BIGIP1:Peer Time Out of Sync:Changes Pending] config #
[root@BIGIP1:Peer Time Out of Sync:Changes Pending] config #
[root@BIGIP1:Peer Time Out of Sync:Changes Pending] config # tcpdump -s0 -ni 0.0:nnnp -w /var/tmp/"$HOSTNAME"_working_"$(date +%d-%m-%y)".pcap --f5 ssl -vv host 105.65.6.7
tcpdump: WARNING: The "ssl" option is disabled. The "ssl" option cannot be used in Common Criteria mode. Common Criteria mode is controlled by the DB variable security.commoncriteria.
have you any idea please?
10-Apr-2023 16:29
Hi Hamza,
If "sys db security.commoncriteria" value is true, you will get this warning.
tmsh list sys db security.commoncriteria
You need to change the value to false. The change will require reboot.