nickt9999_11997
Oct 21, 2014Nimbostratus
SSLv3 iRule reply with nice error
Hi All,
I am trying to write an iRule that will return a nice error message to the user if they attempt to use the SSLv3 protocol, however I don't know how to do the message part. Can some please help/provide guidance?
This is what I have at the moment:
when CLIENT_ACCEPTED {
SSL::disable
TCP::collect
}
when CLIENT_DATA {
binary scan [TCP::payload] cS rtype sslver
log local0. "SSL Record Type $rtype, Version: $sslver"
BLOCK SSLV3
if { $sslver <= 768 } {
set SSLBlock 1
Need to add message here
} else {
SSL::enable
TCP::release
}
}
Thanks in advance Nick