sanjai_126162
Aug 05, 2016Nimbostratus
IRULE to terminate connection after certificate verification
to minimize CCU usage and the desired outcome being to terminate connection after certificate verification, We can use the SSL::handshake event.
The idea behind the irule is to terminate connection once the ssl-handshake is completed and the logic is as follows
when SSL::handshake is complete { for a given ip-address (here you would check an incoming IP address against a pre-determined(known) address [ for example ip.addr == 10.125.0.3]) reject if ip-address matches then the iRule would terminate the connection. }
This way we would immediately release the connection and would not have to wait for 900 seconds. More importantly it would not affect your Access policy
Could you please sample irule on this