F5 custom user_alert.conf same trap with alert.conf
Hi Refer tohttps://support.f5.com/csp/article/K3727. We should use different name and different match message from the one in alert.conf If I want to set email alert on CPU temp high (this stanza is in alert.conf) alert BIGIP_SYSTEM_CHECK_E_CPU_TEMP_HIGH { snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.4"; lcdwarn description="CPU Temp too high." priority="3" } How can i do it in user_alert.conf? Should I just copy above stanza into user_alert.conf? eg. alert BIGIP_SYSTEM_CHECK_E_CPU_TEMP_HIGH { >>>> same name snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.4"; >>> same oid lcdwarn description="CPU Temp too high." priority="3"; email toaddress="test@test.com fromaddress="f5@test.com }Solved1.1KViews0likes1CommentIs /etc/ssmtp/ssmtp.conf reverting to default state after reboot in 11.5.1?
I modified /etc/ssmtp/ssmtp.conf's mailhub value to route local mail through our relays and tested successfully. However after rebooting the device, /etc/ssmtp/ssmtp.conf reverted to its default state. Is there a different way to manage this file in 11.5.1?815Views0likes8CommentsMoving Target
I moved recently. Not too far away nor to a different state, just the other side of town. It is simultaneously exhilarating and exhausting. Most people in the U.S. moving during the summer. Kids are out of school, the weather is mostly nice, friends might be available to help and you are settled in for the holidays. And while you are worrying about packing, movers, mail and all the other check lists, your identity is ripe for the picking. The increased risk of identity theft during a move is because personally identifiable information is being shuffled around from one home to the next. At the same time, buyers and renters are preoccupied with the move and can forget to protect their sensitive documents. You may lock up or personally carry your jewelry, checkbook and other 'valuables' but your personal information might be unprotected and targeted during a move. If you are moving this summer like I just did, there are a few things you can do to minimize the risk. While most moving sites have 'Change of Address' as their top protection mechanisms (which we'll get to), I feel that shredding old bills, receipts and financial info is critical. First, you might not want to drag all that old paperwork with you, especially if you are paying by the pound but more importantly, shredding important documents can prevent thieves from finding any information in your trash. Old-skool dumpster diving is still a viable method to steal personal information. You also might not want the movers themselves to have access to those documents, particularly if you are having them help pack. I was fortunate to find reputable movers but mover fraud is becoming more commonplace in the U.S. Mail call! What? Oh yea, Change of Address. Seems like a no brainer, filling out a postal change of address but it is also important. Make the change with all the companies, financial institutions, magazines, and other organizations that regularly send you mail. Identity theft is often carried out by stealing mail. The folks who move into your old house might not steal your identity, but they will most likely throw away mail that isn’t theirs, and they won’t necessarily take the care to shred it as you would. If your mail continues to be delivered to your old address, it might be left on the doorstep or in an unlocked mailbox, making it very easy for anyone to walk away with it. Lock down your electronics. Many households have multiple computers now including tablets, mobile phones and other 'things' storing sensitive information. These are a treasure trove. You can carry/pack yourselves and make sure they are always in your possession or password protect and place in a slightly unmarked box. Maybe label it as 'dog food' and the crook, movers or otherwise, just might pass it over. If you plan on donating or recycling your old computer(s), make sure you totally erase the hard drive since criminals can easily retrieve those files and sue them for no good. Slightly related to this, I recently bought a refurbished Blu-ray player with various streaming services. I wanted to replace the one we broke with the exact same one but they stopped making that model. When it arrived, I went in to configure our Netflix account. So I clicked the Netflix icon and it loaded fine. Wait a minute, that's not my Instant Que. Whoever had the unit prior to me, still had their Netflix saved and I could see all their viewing habits. Old episodes of Leave it to Beaver and Attack of the 50 Foot Cheerleader. And keep an eye out for yourself before, during and after. Check credit monitoring if you have it; your credit report a few months later for anything suspicious; that all your mail is arriving intact; that all your household items are accounted for; and we often leave cars, garages, and other entrances wide open when moving so keep an eye there, if the location warrants. Physical items can be used to create digital identities and while we may read about ID theft topics when computer breaches are reported, the physical realm is still ripe with fraudsters. Everything is game nowadays but you can take physical and digital action to stay safe when you are finally home sweet home. ps Resources: Prevent ID Theft while moving Identity Theft Risk Factor: Moving to a New Home Moving and Identity Theft - How to Protect Yourself Ten Tips to Avoid Identity Theft When You Move Minimizing the Risk of Identity Theft When You’re Moving Technorati Tags: identity theft,id theft,moving,home,household,iot,mail,security,pii,silva,f5 Connect with Peter: Connect with F5:499Views0likes0CommentsBit Bucket for SMTP Traffic
I'm looking for a solution that basically accepts SMTP connections, but sends all mail to a bit bucket -- almost like a /dev/null. The problem im running into, is I cant just use a simple irule that "drops" or "rejects" the traffic. I would need to accept the connection and somehow find a way to spoof the initial EHLO response from the f5. Any suggestions would be greatly appreciated.426Views0likes0CommentsSMTP Smugglers Blues
The SMTP protocol has been vulnerable to email smuggling for decades. Many of the mail servers out there have mitigations in place to handle this vulnerability but not all of them, especially the quick libraries and add-ons you can find on web sites. Protecting your server from these attacks is simple with F5 BIG-IP Advanced WAF and our SMTP Protocol Security profiles. Read to learn how to give those bad actors the “Smugglers Blues”393Views2likes2CommentsAlert Mail when virtual server down trubleshooting
I use this script on /config/user_alert.conf alert VIRTUAL_SERVER_DOWN "/Common/gslb_test_vs has become unavailable" { snmptrap OID=".1.3.8.1.4.1.3475.2.4.0.500" } alert BIGIP_TMM_TMMERR_LAST_PMBR_DOWN { snmptrap OID=".1.3.8.1.4.1.3475.2.4.0.500"; email toaddress="netinfra@example.com" fromaddress="root" body="Virtual Server Down" } But when I capture the packet here to_address(postmaster@hostname.example.com) is showing. I am expecting here:netinfra@example.com 10.10.10.208 10.10.10.225 SMTP 145 C: HELO hostname.example.com 10.10.10.225 10.10.10.208 SMTP 157 S: 250 mailserver.example.com Hello [192.168.1.208] 10.10.10.208 10.10.10.225 SMTP 157 C: MAIL FROM:<root@hostname.example.com> 10.10.10.225 10.10.10.208 SMTP 124 S: 250 2.1.0 Sender OK 10.10.10.208 10.10.10.225 SMTP 161 C: RCPT TO:<postmaster@hostname.example.com> 10.10.10.225 10.10.10.208 SMTP 170 S: 550 5.7.54 SMTP; Unable to relay recipient in non-accepted domain netinfra@example.com is our group mail. Is there anyone face this issue and how can I solve this issue. Thanks in advance :)54Views0likes3Comments