Bug ID 1360129: Tcpdump filter by dosl7d_attack_monitor has no netmask

Last Modified: Dec 18, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 15.1.10.6

Fixed In:
17.1.2

Opened: Sep 27, 2023

Severity: 3-Major

Symptoms

Tcpdump filter by dosl7d_attack_monitor has no netmask that can result no packet captured during an attack, if the virtual server destination is a network address instead of a /32 host address.

Impact

Dosl7d_attack_monitor fails to capture packets of attack that causes users not being able to analyze capture data of the observed attack later.

Conditions

Virtual server destination is a network address e.g : x.x.x.0/24

Workaround

None

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips