bongshanks
Jan 18, 2018Nimbostratus
Debugging a non functioning HSL config
Ok, I've got a pretty simple iRule that works fine when using the log local0. command. When I change the local.0 to HSL, the HSL does not log.
I check the pool and the monitor on 514 is showing green. I check the stats and all traffic is zeroed out. I check the LTM log and I don't even see an attempt to start an HSL session. (this is on 12.1.2 btw)
I have a theory that HSL won't start if TMM detects the pool having an issue. However I don't know of a good way to check that.
Do you any of you have any suggestions for troubleshooting?
when CLIENT_ACCEPTED {
set hsl [HSL::open -proto UDP -pool hsl_syslog_pool]
HSL::send $hsl "SSL_CUSTOM: Connection of Client Source IP: [IP::client_addr]:[TCP::client_port]<-->[virtual name]<-->[LB::server]"
}
when CLIENTSSL_HANDSHAKE {
HSL::send $hsl "Client: [IP::client_addr] is using [SSL::cipher version] SSL Cipher:[SSL::cipher name] Virtual:[virtual] SSL Profile:[PROFILE::clientssl name]"
SSL::collect
}
}