Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3
Fixed In:
12.0.0
Opened: Feb 02, 2015 Severity: 3-Major Related Article:
K16138
When adding a Rule to a Policy, the Condition should be 'equals' for Operand: tcp and Selector: port; however, the GUI and tmsh change the value to 'matches' instead. The reverse also happens: if 'matches' is selected, the value gets changed to 'equals'.
The GUI displays 'equals', but when the user clicks the 'Add' button, the Condition changes to 'matches' in the list, so validation and save operations fail. Note that tmsh operates similarly. The system posts an error message similar to the following: 010716f4:3: Policy '/Common/test_v11.6.0', rule 'r1'; operand 'tcp' does not support condition 'matches'.
This occurs when adding a Policy Rule with Condition of 'equals' or 'matches'.
Select a value other than 'equals' or 'matches' for the Condition, and then change it back to 'equals' or 'matches'. This ensures the correct Condition is added.
When adding a Rule to a Policy, the system now ensures the Condition is saved with 'equals' when 'equals' is selected in the list.