Ping a Specific Port

Question

Alessandro

Asked: 2020-06-06 01:03:07 +0800 CST2020-06-06 01:03:07 +0800 CST 2020-06-06 01:03:07 +0800 CST

SSL Renegotiation trigger - F5 iRule

772

I'm trying to implement a TCL script to be used in an F5 iRule, in order to catch any SSL renegotiation event. I'm stuck at the first step, which is basically the "trigger" which could say "when the SSL renegotiation happens, do something" (e.g. log the event to the syslog).

My question is: Since the SSL connection is already established, what is the trigger that prompts the link to be re-established? How can I use this in an iRule?

Any help is greatly appreciated.

1 Answers

Voted

troubled · Answer 1 · 2020-06-12T22:45:55+08:00

Best Answer

troubled

2020-06-12T22:45:55+08:002020-06-12T22:45:55+08:00

There isn't a specific event for renegotiate that I can see in the docs... However have you tried logging any CLIENT_HANDSHAKE or SERVER_HANDSHAKE events?

It's not specifically mentioned that CLIENT_HANDSHAKE or SERVER_HANDSHAKE fire at renegotiation. but I notice that the following codeshare example for counting renege for DOS mitigation uses them..

ssl-renegotiation-dos-mitigation

1

SSL Renegotiation trigger - F5 iRule

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?