Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP SWG
Known Affected Versions:
12.1.2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1
Fixed In:
14.1.4.5, 14.1.0, 12.1.3.6
Opened: Mar 30, 2018 Severity: 3-Major
When an access profile of type SWG-Explicit is being used, there is a 128 KB limit on POST bodies while the policy is being evaluated. The system posts an error message similar to the following in /var/log/apm: err tmm[13751]: 01490514:3: (null):Common:00000000: Access encountered error: ERR_NOT_SUPPORTED. File: ../modules/hudfilter/access/access.c, Function: hud_access_process_ingress, Line: 3048
Unable to start an SWG-Explicit policy with a large POST body.
This applies only during policy evaluation. After the policy has been set to 'Allow', there is no limit to the POST body.
None.
Now, you can resolve this issue by modifying db variable 'tmm.access.maxrequestbodysize' to use a value larger than the maximum request size you want to support.