Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
code share

Categorize SSL traffic by version, display as graph

Problem this snippet solves:

You want to know how much SSLv3 traffic is hitting your site. Example image when going to https://x.x.x.x/sslversions:

Image Text

How to use this snippet:

Attach this iRule to your virtual server that is terminating SSL. It will collect statistics about which versions of SSL are being negotiated with clients. Use the 'istats dump' command to see the statistics. Or, connect to your virtual server and query for "/sslversions" to see a javascript graph.


Comments on this Snippet
Comment made 16-Sep-2015 by Brandon
Love it David! Great example use of iStats. You may want to move the magic URI to an internal VIP to not advertise to people (read potential bad actors) what you traffic distribution looks like.
2
Comment made 20-Sep-2015 by Roflcopter 142
Would be good to get a counter next to the percentages. Only thing I added to this was so that external IP's couldn't get to the /sslversions on virtual servers that we have externally facing. when HTTP_REQUEST { if { [string tolower [HTTP::path]] contains "/sslversions" } { if { !([matchclass [IP::client_addr] equals ssl_stats])} { discard } ssl_stats is a data group list
0
Comment made 09-Dec-2015 by prt1969 177
Based on Brandon's comment above, any feedback on what a modified script would look like to either send the /sslversions URI to another VIP or even via High Speed Logging to another destination?
1