Jason_Keating
Nov 26, 2012Altostratus
SSL_renegotiation_DOS_mitigation
Hi,
I've been looking at this https://devcentral.f5.com/wiki/iRules.Print.aspx?Page=iRules.SSL_renegotiation_DOS_mitigation
I am confused by the iRule, where and when is hs_count initialised ?
Trying the rule on my 11.2.1 807 box I get the following:
Nov 26 16:41:34 tmm err tmm[10885]: 01220001:3: TCL error: /b2c/vuln_ssl_renegotiation_dos - can't read "hs_count": no such variable (reading value of variable to increment) invoked from within "incr hs_count"
Nov 26 16:41:34 tmm err tmm[10885]: 01220001:3: TCL error: /b2c/vuln_ssl_renegotiation_dos - can't read "hs_count": no such variable while executing "for { set i 1 } { $i <= $hs_count } { incr i } { table delete -subtable "hs_rate:$flow" "[TCP::client_port]:$i" }"
Did incr set the variable if null in 10.x ?
Anyone got any ideas please ?
Thanks
J