Sriram_129909
Nov 06, 2014 | Nimbostratus
iRule to log client rejects
Is there a way to log all client rejects using an iRule - the ones that don't make it to the HTTP_REQUEST event? I was involved in an iRule (below) logging all rejects based on a lower SSL version number. That being done, I now want to find all client rejects.
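when CLIENT_ACCEPTED {
    # Hold the connection until the first 3 bytes have arrived:
    # record type (1 byte) + record-layer version (2 bytes)
    set Collect_Len 3
    TCP::collect $Collect_Len
}
when CLIENT_DATA {
    set Buf_Len [TCP::offset]
    # Fewer than 3 bytes buffered so far: collect the remainder and wait
    if { $Buf_Len < 3 } {
        incr Collect_Len -$Buf_Len
        TCP::collect $Collect_Len
        return
    }
    # c = signed 8-bit record type, S = signed big-endian 16-bit version
    binary scan [TCP::payload] cS Rec_Type Version
    # 768 = 0x0300 = SSLv3
    if { $Version <= 768 } {
        # Logged only: this branch calls neither TCP::release nor reject
        HSL::send [HSL::open -proto UDP -pool syslog_server_pool_1] "Rejecting SSLv3 or lower connection attempts from [IP::client_addr] to [IP::local_addr]"
    } else {
        # Newer version: hand the buffered bytes back for normal processing
        TCP::release
    }
}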
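The version check in the iRule above, reproduced in Python as an added example (not part of the original post), run over constructed first-three-byte samples to show what `binary scan ... cS` yields. It goes slightly beyond the post by including SSLv2-format ClientHellos, which carry no record-layer version at bytes 1-2, so the `<= 768` test reads the length and message-type bytes instead. The function names and sample bytes are assumptions made for illustration.

```python
import struct

SSLV3 = 0x0300  # 768, the threshold used in the iRule


def classify(first_bytes: bytes) -> str:
    """Mirror the iRule's decision on the bytes buffered so far."""
    if len(first_bytes) < 3:
        return "need-more-data"  # the iRule calls TCP::collect again
    # Tcl "binary scan cS": signed 8-bit, then signed big-endian 16-bit
    _rec_type, version = struct.unpack(">bh", first_bytes[:3])
    return "logged" if version <= SSLV3 else "released"


def describe(first_bytes: bytes) -> str:
    """What the bytes actually are, for comparison with classify()."""
    if len(first_bytes) < 3:
        return "incomplete"
    b0 = first_bytes[0]
    if b0 == 0x16:  # SSLv3/TLS handshake record
        return f"record-layer version {first_bytes[1]}.{first_bytes[2]}"
    # SSLv2 2-byte header: high bit set, then length, then msg type 1
    if b0 & 0x80 and first_bytes[2] == 0x01:
        return "SSLv2-format ClientHello"
    return "not a TLS handshake"


# Constructed samples: only the first three bytes of each connection
SAMPLES = [
    b"\x16\x03\x01",  # handshake record, version 3.1
    b"\x16\x03\x00",  # handshake record, version 3.0 (SSLv3)
    b"\x80\x2e\x01",  # SSLv2-format hello, length 0x2e
    b"\x80\x9c\x01",  # SSLv2-format hello, length 0x9c
    b"\x16\x03",      # segment split before the third byte
    b"GET",           # plaintext HTTP sent to the TLS port
]


def run_samples():
    """Return (hex, what it is, what the iRule check does) per sample."""
    return [(s.hex(), describe(s), classify(s)) for s in SAMPLES]


if __name__ == "__main__":
    for row in run_samples():
        print("%-8s %-28s %s" % row)
```

The two SSLv2-format samples land on opposite branches purely because of their length byte: 0x2e01 is a large positive value, while 0x9c01 is negative as a signed 16-bit integer.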