Duplicate SMTP traffic for SMTP dlp testing
Hi all, It will be great to have your mind to get any direction how to make it happen. I have a VS that forward SMTP traffic to a pool, the VS is standard with TCP profile. In order to test a new DLP mail relay i want all the traffic that coming to the VS will be send also to the new mail relay but i need the new mail relay to think he is the destination of the traffic in L3 and not only in L2 and it means i cant use the clone pool command in irule or through the VS clone settings. I try to get it work with sideband connection but still have issues to get it work. Any idea how to get my goal? Here is the last irule i tested: when CLIENT_ACCEPTED { log local0.debug "SMTP::client accepted event" TCP::collect } when CLIENT_DATA { set len [TCP::payload length] log local0.debug "SMTP::client data len : ($len)" log local0.debug "SMTP::payload is: [TCP::payload 15]" set conn [connect -timeout 300 -idle 30 -status conn_status X.X.X.X:25] log local0.debug "SMTP::conn $conn " if {$conn eq ""} then { log local0.debug "SMTP::conn FAILED" TCP::release return } set conn_info [connect info -idle -status $conn] log local0.debug "SMTP::con info $conn_info" set send_info [send -timeout 300 -status send_status $conn [TCP::payload]] log local0.debug "SMTP::send info $send_info" set recv_data [recv -timeout 300 -status recv_status $conn] log local0.debug "SMTP::recieved $recv_data" close $conn TCP::release } My tests are telnet to the vs and i want to get the VS pool member mail relay prompt in the cli but it doesnt work :( Hope i manage to explain my need and issue, any help will be appreciated :)