Nimbostratus
I want to configure ICAP redirection into BIG-IP ASM.
You can specify an IP address and port number into the configuration but no URI.
I want to redirect for example to icap://10.10.10.10/avscan
In SOL12128, they speak about a hard coded URI.
But we are running v10.2.1 so this bug should be fixed already.
What is the hardcoded URI? How can you see this URI?
Regards
Tom Lauwereins
Cirrostratus
In 11.x I think you can navigate to: Application Security ›› Options : Advanced Configuration page and set the URI in the icap_uri field.
If the field isn't there in the GUI in 10.2.x, I think you'll need to configure it following the CLI steps in SOL12128:
http://support.f5.com/kb/en-us/solutions/public/12000/100/sol12128.html
Aaron
Nimbostratus
I can't find any documentation concerning the /usr/share/ts/bin/add_del_internal command
Cirrostratus
Can you clarify your question? The /usr/share/ts/bin/add_del_internal script is written in Perl so you can read the file to see what it's doing. But you shouldn't need to know the inner workings to add the configuration. You should be able to just run:
/usr/share/ts/bin/add_del_internal add icap /avscan
To verify it was added, you can run:
mysql -p`perl -MF5::GenUtils -e "print F5::GenUtils::get_mysql_password"` -e "SELECT section_id, field_name, factory_value, current_value, value_type, value_min, value_max FROM DCC.INTERNAL_CONFIG_ITEMS WHERE field_name LIKE 'icap'"
Aaron
Nimbostratus
Application Security / options / advanced configuration
Tom
Nimbostratus
Cirrostratus
Aaron