Bug ID 1162661: The Bad Actor (BA) hit counter is not updating for ICMP vector during hardware mitigation

Last Modified: Mar 30, 2024

Affected Product(s):
BIG-IP AFM(all modules)

Fixed In:
17.1.0

Opened: Sep 30, 2022

Severity: 4-Minor

Symptoms

The hardware mitigation was not proper due to spva ba_hit statistics not generated.

Impact

Attack traffic will get pass through because of ba_hit is not updating.

Conditions

Configure BA with rate limits for ICMP vectors at virtual server level.

Workaround

None

Fix Information

Neuron support is not available for ICMP packets, directly write rules into flow cache through which hardware can get entries.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips