Bug ID 450610: DoS iRule event is raised for traffic to non-suspicious entities.

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
11.4.1

Fixed In:
11.6.0

Opened: Feb 27, 2014

Severity: 3-Major

Symptoms

The DoS iRule event is invoked for all requests involved with the virtual server that under attack instead to suspicious entities.

Impact

The event is invoked for all requests involved with the virtual server that under attack this can cause resource consumption overhead.

Conditions

The virtual server is under DoS attack, and the virtual server configuration DoS iRule is enabled with attached iRule IN_DOSL7_ATTACK event.

Workaround

Disable DoS iRule configuration.

Fix Information

We invoke the DoS iRule only on traffic to suspicious entities.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips