Bug ID 497970: IP Intelligence Logging and Reporting present Auto-Blacklist stats that do not match other sources

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP AFM(all modules)

Opened: Dec 22, 2014

Severity: 4-Minor


In order to provide visibility, hardware-accelerated blacklisting leaks 1 packet in 256 (configurable). In software, in order to maintain the correct number of packets that would have been received if the hardware was not present, for every leaked pkt we add 255. tmctl bl_sw_entry_hit counts only software processed packets, but the shun counter counts both hardware and software, so the values may be inconsistent.


Inconsistent statistics


HW acceleration of IP Intelligence auto-blacklist/shun list feature



Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips