API Calls to F5 limited to 1024 KB download
Hi, I am interacting with the F5 API in order to download ASM policies for the purpose of automating the backups. The process works fine however policies larger than 1024 KB are cut off at this size of 1024 KB. Initially I suspected that there was a default limit on the curl request however I have not been able to find information on how to increase this with the curl request. Is this a limitation on the F5 API or the Curl request? wget is not an option as this is not natively supported on the F5 virtual appliance. My script lives on the appliance, downloads the relevant policies and then pushes them to a SMB share. The only issue is that the ASM policies that are larger than 1024 KB are being cut off at 1024 KB. The API calls are as per the documentation here: http://cdn.f5.com/websites/devcentral.f5.com/downloads/icontrol-rest-api-user-guide-13-0-0.pdf specifically: GET https://x.x.x.x/mgmt/tm/asm/policies POST https://x.x.x.x/mgmt/tm/asm/tasks/export-policy GET https://x.x.x.x/mgmt/tm/asm/file-transfer/downloads/$asmPolicy Excluding the processing in my script the API calls I make are shown below: I expect the issue resides in the download api call. Is there a switch I can add to increase this limit? curl -ku 'username:password' -X GET https://x.x.x.x/mgmt/tm/asm/policies | jq '.items[] | "pol_name:" + .name + ";api_id:" + .id' >> $wdir/asmDetails.txt curl -ku 'username:password' -X POST https://x.x.x.x/mgmt/tm/asm/tasks/export-policy -H 'Content-Type: application/json' -d '{"filename":"'$asmPolicy'","policyReference":{"link":"https://localhost/mgmt/tm/asm/policies/'$asmIDs'"}}' curl -ku 'username:password' -X GET https://x.x.x.x/mgmt/tm/asm/file-transfer/downloads/$asmPolicy > $wdir/asmBackup/"$folderName"/$number-$asmPolicy-$hostname-"$dateStamp".xml Thanks
DHE 1024 bits Vulnerability Solved?
Hi Guys, I have 3 volumes on my Lab F5. - 11.6.0 - 11.6.0 with HotFix 6 - 12.1.0 with HotFix 1 I booted in to the 11.6.0 with HotFix 6 volume and performed an sslscan on the device and noted the DHE 1024 bits vulnerability many have already commented on in DevCentral. I then booted in to the volume running Ver 12.1 with HotFix 1 and performed the same scan and noted the DHE 1024 bits was no longer an issue. See below: I have been looking around to try and find some documentation around the DHE 1024 bits vulnerability now being resolved in this latest version however I cannot find any document to support what I see in my scans. I'm going to install another volume running 12.0 to try and narrow down where what version or hotfix this change took place. If anyone knows where this change took place or can point me to the documentation that would be great. We are looking at upgrading from 11.6 HF6 to 12.1 HF1 in our production environment.
