Bug ID 500449: "Any IPv4 or IPv6" choice in sweep attack has atypical definition

Last Modified: Apr 10, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP AFM(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4

Fixed In:
11.6.0 HF5

Opened: Jan 10, 2015
Severity: 4-Minor

Symptoms

OLH does not convey the function of Any IPv4 or Any IPv6 choice in single endpoint sweep attack configuration.

Impact

When selected, the endpoint sweep attack detects only traffic "other than TCP, UDP, ICMP, or IGMP."

Conditions

When one of these options is chosen, the configuration does not behave as expected and detect "any" traffic.

Workaround

None

Fix Information

In the DoS Device Protection configuration for a Single Endpoint Sweep attack, the packet types "Any IPv4" and "Any IPv6" do not actually apply to all IPv4 and IPv6 traffic. Rather, these categories apply to any traffic other than TCP, UDP, ICMP, or IGMP. This has been clarified in the system online help.

Behavior Change