Bug ID 603755: dwbld core dump when Auto Blacklisting is configured, in a rare scenario

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP AFM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3,,,,,,

Fixed In:

Opened: Jul 08, 2016
Severity: 2-Critical


The dynamic white/black daemon (dwbld) (a Control Plane daemon that supports the AFM IP intelligence feature) generates a core when processing an Auto Blacklisting Entry addition by TMM, when attack traffic causes a blacklist entry to be added. The problem happens in a rare scenario when dwbld and tmm are out of sync with respect to category names. This might happen for a very short window when configuration changes are made to Blacklist Categories (such as adding or removing a category).


dwbld crashes and restarts. No significant impact, as after restart, the dwbld should work properly.


-- DoS Auto Blacklisting feature enabled. -- Attack traffic generates an Auto Blacklist IP address entry. -- Configuration change to Blacklist Category occurs at the same time.



Fix Information

The release adds handling for the case in which dwbld is not up-to-date with configuration changes to Blacklist Categories when it simultaneously receives an Auto Blacklist Entry.

Behavior Change