F5 ASM with fortisandbox
Hi i want to integrate f5 ASM with fortisandbox as a icap server for file upload inspection i found this articale https://support.f5.com/csp/article/K70941653 but Value of virus_header_name for fortisandbox is not mentioned any one has experince of integration with fortisandbox. please let me know if anyone know virus_header_name for fortisandbox
F5 Open telemetry issue
Hi all, we have the issue with TS on f5, we installed TS package, set up declaration but when we are checking f5 url/telemetry we dont see atribute which we should see in the attachment you can see the declaration we have used and posted on f5 expecting to see everything, but we see only some basic status, not eg: f5 pool active members, f5 pool availability we dont see any errors in /var/log/restnoded/restnoded.log and when we check url: localhost/mgmt/shared/telemetry/pullconsumer/metrics we see nothing useful. Any help would be appreciated.f5 AI Gateway pii-redactor not working
I am testing Ai Gateway by looking at NGINX Modern Apps Docs. I have verified that OWASP LLM 01, 07 are working, but 02 Sensitive Information Configuration does not seem to be working. The demo video also contains Sensitive Information related content. how config Sensitive Information masking for ai gateway? https://clouddocs.f5.com/training/community/nginx/html/class15/module6/module6.html The processor's log looks like this: {"time":"2025-04-11T00:55:04.71766415Z","level":"ERROR","msg":"applying config to component failed, rolling back","error":"failed to check processors: failed to fetch parameters for processor pii-redactor: unable to fetch parameters from url: http://aigw-processors-f5.devopschan.svc.cluster.local/api/v1/signature/f5/pii-redactor, got status: 404"} 2025/04/11 00:55:04 WARN will retry config apply in 5s (1 of 3) {"time":"2025-04-11T00:55:05.368088471Z","level":"INFO","msg":"successfully reported usage data"} {"time":"2025-04-11T00:55:09.767886333Z","level":"ERROR","msg":"applying config to component failed, rolling back","error":"failed to check processors: failed to fetch parameters for processor pii-redactor: unable to fetch parameters from url: http://aigw-processors-f5.devopschan.svc.cluster.local/api/v1/signature/f5/pii-redactor, got status: 404"} 2025/04/11 00:55:09 WARN will retry config apply in 5s (2 of 3) {"time":"2025-04-11T00:55:14.817815787Z","level":"ERROR","msg":"applying config to component failed, rolling back","error":"failed to check processors: failed to fetch parameters for processor pii-redactor: unable to fetch parameters from url: http://aigw-processors-f5.devopschan.svc.cluster.local/api/v1/signature/f5/pii-redactor, got status: 404"} configuration file : ... responseStages: - name: protect steps: - name: pii-redactor ... - name: pii-redactor type: external config: endpoint: http://aigw-processors-f5.devopschan.svc.cluster.local namespace: f5 version: 1 params: threshold: 0.2 # Default 0.2 allow_rewrite: true # Default false denyset: ["EMAIL","PHONE_NUMBER","STREETADDRESS","ZIPCODE"] ... thank you.
AWS WAF - Bot Protection Rules
Hello guys, we are looking for this WAF Rule in the AWS Marketplace. We have interest in DDOS protection further, so can anyone tell me if the F5 Bot Protection Rules could work and what "DDOS bot/tools protection means". We will use the WAF for ALB, se we need to cover the layer 7 and not sure which kind of protection this can give us? If some hackers pretend to make a DDOS attack trough our Load Balancer, will be covered? "F5's Managed Rules for AWS WAF offer an additional layer of protection that can be easily applied to your AWS WAF. F5's Bot Protection rules analyze all incoming requests and block any malicious bot activities identified, including DDoS tools, vulnerability scanners, web scrapers, and forum spam tools"
NetScaler to F5 Migration
Hi Team, I am facing difficulties while converting the NetScaler ns.conf file into an F5 BIG-IP LTM configuration, particularly with VIPs, pools, and nodes. I have attempted multiple methods to perform this conversion but have not had success. If you have any recommended approaches or tools to facilitate this process, please share them with us. NetScaler Version: v13.5 Build 52Editing iRule for Maintainance Page with image local in F5 Big-IP iFile
Dear Community, I hope this message finds you well. I am reaching out to request your assistance in editing the iRule to redirect users to a maintenance page when all nodes are down. While the iRule is currently functioning as intended, I would like to incorporate images that represent our organization and application for users. I have successfully uploaded the images to F5 using iFile however, I am uncertain about how to reference these images within the HTML code of the iRule. Attached below, you will find a screenshot of the current page and a visual representation of the desired maintenance page. The code below: =================================================================================== when HTTP_REQUEST { if { [active_members [LB::server pool]] == 0 } { HTTP::respond 503 content " <!DOCTYPE html> <html lang='en'> <head> <meta charset='UTF-8'> <meta name='viewport' content='width=device-width, initial-scale=1.0'> <title>Maintenance Page</title> <style> body { font-family: Arial, sans-serif; background-color: #f4f4f4; color: rgb(27, 131, 111); display: flex; justify-content: center; align-items: center; height: 100vh; margin: 0; text-align: center; } .container { background: white; padding: 20px; border-radius: 8px; box-shadow: 0 2px 10px rgba(0, 0, 0, 0.1); } h1 { font-size: 2em; margin: 0; } p { font-size: 1.2em; } .logos { margin-bottom: 20px; } .logos img { height: 150px; margin: 0 15px; } .gear-icon { font-size: 3em; color: rgb(27, 131, 111); } @media (max-width: 600px) { h1 { font-size: 1.5em; } p { font-size: 1em; } } </style> </head> <body> <div class='container'> <div class='logos'> <img src='/iFiles/Blackboard-LOGO' alt='Blackboard Logo'> <img src='/iFiles/PSAU-LOGO' alt='PSAU Logo'> </div> <h1>We'll be back soon!</h1> <p>Our website is currently undergoing maintenance. We are working hard to improve your experience. Stay tuned!</p> <p>! الموقع حاليا تحت الصيانة, نحن نعمل بجد لتحسين تجربة المستخدم، ترقبوا</p> <div class='gear-icon'>⚙️</div> </div> </body> </html> " "Content-Type" "text/html" } else { switch [HTTP::uri] { "/iFiles/Blackboard-LOGO" { HTTP::respond 200 content [ifile get "Blackboard-LOGO"] "Content-Type" "image/png" } "/iFiles/PSAU-LOGO" { HTTP::respond 200 content [ifile get "PSAU-LOGO"] "Content-Type" "image/png" } default { # Optionally handle requests for other pages here } } } } ================================================================================= Thank you in advance for your support. Regards Omran Mohamed
