Bug ID 564699: BADOS doesn't support both white / blacklist

Last Modified: Oct 16, 2023

Affected Product(s):
BIG-IP AFM(all modules)

Known Affected Versions:
12.1.0, 12.1.1, 12.1.2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1

Opened: Dec 24, 2015

Severity: 3-Major

Symptoms

Entries in the whitelist could end up being incorrectly mitigated if BADOS is configured and active

Impact

Can't avoid mitigation of bad actor under attack even if it should be ignored according to the whitelist or correspondent iRule with action DOSL7::disable

Conditions

configure whitelist or/and blacklist

Workaround

Don't configure BADOS if whitelist / blacklist configured

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips