Last Modified: May 29, 2024
Affected Product(s):
BIG-IP AFM
Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3
Fixed In:
15.1.0, 15.0.1.4, 14.1.2.1
Opened: May 09, 2019 Severity: 3-Major
'tmsh load sys config' reports a syntax error. The syntax error is reported on 'security firewall rule-list rule' configuration.
The system fails to load the configuration.
This occurs only if any of the rule-list rule ip-protocol contains one of the following protocols: Note: You can see the mismatched protocol names in the /etc/protocols listing file (column 1 and column 3 differ): bbn-rcc 10 BBN-RCC-MON # BBN RCC Monitoring nvp 11 NVP-II # Network Voice Protocol dcn 19 DCN-MEAS # DCN Measurement Subsystems ospf 89 OSPFIGP # Open Shortest Path First IGP crdup 127 CRUDP # Combat Radio User Datagram
Manually edit the configuration file: /config/bigip_base.conf 1. Replace the ip-protocol name from rule-list configuration: -- Change BBN-RCC-MON to bbn-rcc. -- Change NVP-II to nvp. -- Change DCN-MEAS to dcn. -- Change OSPFIGP to ospf. -- Change CRUDP to crudp. 2. Save the file. 3. Issue the command: tmsh load sys config. The configuration now loads without syntax errors.
None