Friday, April 28, 2017

finding traffic coming into a f5 that being dropped

Here's a sure way to find and log traffic coming into a f5 that has no  VS defined. It requires only a VIP with a iRule to log the traffic

1st here's a layer3 forwarding VIP

2nd our iRule that we will use to generate a log message.I broke it into 3  iRules  IP TCP UDP

3rd our   log message when traffic actually hits the VIP and triggers the log-event

 I did   client add but you could also have done or add server_connect  but in this  case we wanted to see what traffic is coming in from where as in the client.

  you can be specific if you wanted to  trap and log a particular source


if { [IP::addr [IP::client_addr] equals] } {   
       log local0. "client   hit this VIP "                                                                             


NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com
     ^      ^
=(  @  @ )=
        /  \

No comments:

Post a Comment