Bug ID 447091: Unable to delete packet filters with order values greater than 32767

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
10.2.0, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.0.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.5.1 HF1, 11.6.1 HF1, 11.5.1 HF2, 11.6.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.6.2 HF1, 11.1.0, 11.2.0, 11.2.1, 11.3.0, 11.4.0, 11.4.1

Fixed In:
11.6.0, 11.5.1 HF5, 11.5.0 HF1, 11.4.1 HF4, 11.3.0 HF9, 11.2.1 HF11, 10.2.4 HF8

Opened: Feb 03, 2014

Severity: 3-Major

Related Article: K15601


When a packet filter is created with an order greater than 32767, attempts to delete this filter will fail. Error messages can be seen in /var/log/tmm* when a packet filter object is deleted (or possibly created).


Unknown (inexplicable) impact on traffic: - Packet filters that have been deleted may continue to exist in TMM - Older versions of rules (that have been deleted/recreated) may continue to be applied to traffic


Packet filter rules with an order between 32768 and 65535 (inclusive).


- To prevent this condition from occurring in the first place, restrict packet filter 'order' to 1-32767 (inclusive). - To remove the phantom/incorrect packet filter rules from the packet path (TMM), restart TMM ("bigstart restart tmm", which may need to run on each blade of a chassis system).

Fix Information

Ensured that packet filters with orders greater than 32767 are able to be deleted.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips