Problems connecting to vpn after upgrading to ubuntu 24.04
good afternoon, I have upgraded ubuntu to 24.04 and since then I can no longer connect correctly to the vpn with the f5 client. In the client it appears that I am connected to the vpn, but then I do not reach any of the sites and servers that with the 22.04 version if it arrived. Can you help me.
DevCentral Visits BlackHat 2023 !!!
Once again, buulam is headed to BlackHat in Las Vegas! He's super-excited to hit the ground in the desert to meet up with the community and some F5 partners! He'll be bringing the experience back to you, right here, so bookmark this article for all the latest news! Find the F5 Booth at Black Hat: Looking for the F5 Booth? Here it is! Check out the prize vending machine, Lego give aways, and the new Frankenstack plushies. 🎁 If you're at the show, keep your peepers peeled 👀 for buulam who would love to say "hi!" A talk with Kara Sprague, Chief Product Officer at F5 Buu Lam talks with F5 Chief Product Officer Kara Sprague about F5 solutions, particularly around APIs and Multi-Cloud Networking, and what's in store for the future. 00:30 - What does the role of Chief Product Officer entail? 01:30 - Why API security has suddenly become so important in recent years? 03:40 - The exponential increase in API sprawl. 04:11 - Multi-Cloud Networking growth as a use case. 05:45 - F5 being able to deliver security embedded within Multi-Cloud networking architecture. 06:30 - What does the future hold for F5? Bots, AI, and Social Engineering with Dan Woods at Black Hat 2023 Buu Lam talks with Dan Woods (Global Head of Bot and Risk Management at F5) about bots and AI bring used to create social influence and enhance the damage of social engineering. 00:45 - Ticket bots and Sneaker bots 01:46 - Are businesses actually trying to fix this? 03:10 - Bots and AI being used to create mass social influence 06:10 - AI being used to greatly enhance the damage of social engineering Quantum Cryptography with Keyfactor at Black Hat 2023 Ted Shorter from Keyfactor talks about post-quantum cryptography, its impact, and how organizations can stay ahead of the curve. 00:40 - Post-Quantum Cryptography 01:00 - KeyFactor's PQC Lab: an educational resources 02:20 - Strategies for thriving in a post-quantum world Check out PQC Labs educational resources here! MazeBolt's RADAR Dashboard Matthew Andriani (Founder and CEO of MazeBolt) walks us through a demo of MazeBolt's RADAR dashboard--showing how vulnerabilities can be remediated, then re-checked with updated results within 5 minutes. Fighting security alert fatigue with Stellar Cyber SOC teams face alert fatigue and the burden of so many tools. Stephen Salinas shares how Stellar Cyber uses AL and ML to reduce the noise. This allows security analysts to use information gathered across all their security tools to reach conclusions quickly. For more coverage from Buu Lam at #BlackHat, check out the DevCentral overview here: https://community.f5.com/t5/devcentral-news/devcentral-visits-blackhat-2023/ta-p/319253 App and Security teams working together with Venafi Teamwork makes the dream work. Paul from Venafi sees app and security teams coming together to resolve conflicts by reaching the outcomes they want without getting in each others way. The API security journey with WWT Where are you at in your API security journey? David and Clint from WWT share their perspective, their education-focused engagement with customers, the importance of real world scenario training. Until next time, Black Hat! That's a wrap for DevCentral at Black Hat 2023! Buu Lam shares some takeaways and observations: API security dominating discussions Hybrid and Multi-Cloud is the new norm Frankenstacks are cool, look for them at future events
iRule [string range...] not chunking data properly
I have an irule (much of which I found here) that is to gather some much needed troubleshooting data I need in regards to the headers and payload I have coming in. The payload is obvisouly too large for a single log line so this was supposed to chunk it into manageable bytes. I had to make some modifications to the original irule which did not work, but now it is working, sort of. It logs the first 900 bytes as it should, then something happens and skips a bunch, and then logs the final bytes of data. I can't understand why it's not grabbing either the proper amount of data or failing to output this second chunk of missing data before making its final loop. iRule is here: when RULE_INIT { # Log debug to /var/log/ltm? 1=yes, 0=no set static::payload_dbg 1 # Limit payload collection to 5Mb set static::max_collect_len 5368709 # Max characters to log locally (must be less than 1024 bytes) # https://clouddocs.f5.com/api/irules/log.html set static::max_chars 900 set static::min_chars 0 } when HTTP_REQUEST { # Only collect POST request payloads if {[HTTP::method] equals "POST"}{ if {$static::payload_dbg}{log local0. "POST request"} # Get the content length so we can request the data to be processed in the HTTP_REQUEST_DATA event. if {[HTTP::header exists "Content-Length"]}{ set content_length [HTTP::header "Content-Length"] } else { set content_length 0 } # content_length of 0 indicates chunked data (of unknown size) if {$content_length > 0 && $content_length < $static::max_collect_len}{ set collect_length $content_length } else { set collect_length $static::max_collect_len } if {$static::payload_dbg}{log local0. "Content-Length: $content_length, Collect length: $collect_length"} foreach aHeader [HTTP::header names] { log local0. "HTTP Request Headers: $aHeader: [HTTP::header value $aHeader]" } #set payload [HTTP::collect $collect_length] HTTP::collect $collect_length } } when HTTP_REQUEST_DATA { # Log the bytes collected if {$static::payload_dbg}{log local0. "Collected [HTTP::payload length] bytes"} # Log the payload locally if {[HTTP::payload length] < $static::max_chars}{ log local0. "Payload=[HTTP::payload]" } else { # Initialize variables set remaining [HTTP::payload] set position 0 set count 1 set bytes_logged 0 # Loop through and log each chunk of the payload while {[string length $remaining] > $static::min_chars}{ #chunk = 899 set chunk [expr {$position + $static::max_chars -1}] log local0. "Chunk: $chunk" log local0. "Position start: $position" # Get the current chunk to log (subtract 1 from the end as string range is 0 indexed) set current [string range $remaining $position $chunk] log local0. "chunk $count=$current" log local0. "Current chunks bytes: [string length $current]" # Add the length of the current chunk to the position for the next chunk incr position [string length $current] # Get the next chunk to log set remaining [string range $remaining $position end] incr count incr bytes_logged $position log local0. "remaining bytes=[string length $remaining], \$position=$position, \$count=$count, \$bytes_logged=$bytes_logged" } if {[string length $remaining]}{ log local0. "chunk $count=$current" incr bytes_logged [string length $remaining] } log local0. "Logged $count chunks for a total of $bytes_logged bytes" } } when HTTP_RESPONSE { foreach aHeader [HTTP::header names] { log local0. "HTTP Request Headers: $aHeader: [HTTP::header value $aHeader]" } } The image below shows what I'm talking about - it even says "Oh I found 3 chunks", but I'm only being presented 2. I added some logging around the position, chunk value (aka end position), and bytes logged to help illustrate that it's clearly skipping over something. Any help would be appreciated! Thanks
Limiting closed port RST response from 501 to 500 packets/sec for traffic-group/Common/trafficgroup1
Hi Guys, I have read the following KB https://support.f5.com/csp/article/K13151 about TCP RSTs, i`m in situation when i get on ltm the following logs Limiting closed port RST response from 501 to 500 packets/sec for traffic-group /Common/traffic-group-1 followed with high peak of analysis plane around 100% at that time. Does this indicate a Dos/DDos attack or smth else. Thnx in advance
