Bug ID 495023

Bug Tracker
ID 495023

Bug ID 495023: packets from whitelisted IP address are dropped if present in Shun list and dos.spvabl.checkdynamicwl is false

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP AFM(all modules)

Known Affected Versions:
12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2

Fixed In:
12.0.0

Opened: Dec 06, 2014

Severity: 4-Minor

Symptoms

Packets from a whitelisted IP address are dropped.

Impact

Packets from a whitelisted IP are dropped unexpectedly.

Conditions

This can occur if the DB variable dos.spvabl.checkdynamicwl is set to false and the same ip address is present in both shun categories marked to be dropped and ip-intelligence whitelist.

Workaround

Always have the sys db "dos.spvabl.checkdynamicwl" value as true which is the default value

Fix Information

None

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips