Forum Discussion

Nimbostratus

Dec 08, 2016

iRule to Log TLSv1.0 Connections Only

Hi Everyone, I am trying to identify all cleints that still use TLSv1.0 and what browser they use. I created the following iRule to log these connections. when CLIENTSSL_HANDSHAKE { ...

MVP

Dec 08, 2016

Hi Todd,

glad you've found a rule of mine in another thread... 😉

To report just "TLSv1" session, simply change the

contains

operator of the

[if]

command to

equals

...

when CLIENTSSL_HANDSHAKE { 
    if { ( [SSL::cipher version] equals "TLSv1") } then { 
        set invalid_ssl 1 
    } else { 
        set invalid_ssl 0 
    } 
} 
when HTTP_REQUEST { 
    if { $invalid_ssl } then { 
        log local0. "TLSv1 Client: [IP::client_addr] using [SSL::cipher version], [SSL::cipher name] and [SSL::cipher bits] bits using the Agent [HTTP::header value "User-Agent"]"
        set invalid_ssl 0 
    }
}

Cheers, Kai

Forum Discussion

iRule to Log TLSv1.0 Connections Only

Recent Discussions

BWC iRule

Citrix XenServer Big-IP Upgrade help

iRule condition - request contains more than 10000 parameters

Hi All, We have viprion 4300 with 4450 blades with 6 blades all blades having same configuration

Can iRule be used to perform exception of IPI category based on Geolocation

Related Content

Routing problem for connect() in iRule

iRule redirect connection to pool on differente port

Current connections vs CLI show sys connections

Find connection attempts via source IP

iRULE regsub error