Bug ID 436072: Use 'HTTP::disable' to disable HTTP module in SSL forward proxy bypass.

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9

Fixed In:

Opened: Oct 31, 2013
Severity: 3-Major
Related AskF5 Article:


Switch to SSL forward proxy bypass does not abort all of the modules between SSL and TCP-PROXY, which might result in an unexpected TMM crash.


Calling 'HTTP::disable' on different events may cause TMM to crash.


SSL forward proxy bypasses traffic and HTTP::disable is called on various events.


Disable HTTP profile in SERVER_CONNECTED: when SERVER_CONNECTED { HTTP::disable }

Fix Information

SSL forward proxy now supports policy based bypass. When it converts to bypass mode, SSL forward proxy automatically abort all modules/profiles in between TCP-PROXY and SSL. Calling HTTP::disable on events is not needed.

Behavior Change

When SSL forward proxy converts to bypass mode, it aborts all the modules between itself and tcp proxy. This includes abort the http module. Calling 'HTTP::disable' for SSL forward proxy bypass is not needed.