Bug ID 500449: "Any IPv4 or IPv6" choice in sweep attack has atypical definition

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP AFM(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4

Fixed In:
11.6.0 HF5

Opened: Jan 10, 2015
Severity: 4-Minor


OLH does not convey the function of Any IPv4 or Any IPv6 choice in single endpoint sweep attack configuration.


When selected, the endpoint sweep attack detects only traffic "other than TCP, UDP, ICMP, or IGMP."


When one of these options is chosen, the configuration does not behave as expected and detect "any" traffic.



Fix Information

In the DoS Device Protection configuration for a Single Endpoint Sweep attack, the packet types "Any IPv4" and "Any IPv6" do not actually apply to all IPv4 and IPv6 traffic. Rather, these categories apply to any traffic other than TCP, UDP, ICMP, or IGMP. This has been clarified in the system online help.

Behavior Change