Bug ID 680112: SWG-Explicit rejects large POST bodies during policy evaluation

Last Modified: Aug 08, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP SWG(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3

Fixed In:
14.0.0, 12.1.3.2

Opened: Aug 24, 2017
Severity: 3-Major
Related AskF5 Article:
K18131781

Symptoms

When an access profile of type SWG-Explicit is being used, there is a 64 KB limit on POST bodies while the policy is being evaluated. ==> /var/log/apm <== err tmm[13751]: 01490514:3: (null):Common:00000000: Access encountered error: ERR_NOT_SUPPORTED. File: ../modules/hudfilter/access/access.c, Function: hud_access_process_ingress, Line: 3048

Impact

Unable to start an SWG-Explicit policy with a large POST body.

Conditions

This applies only during the policy evaluation. After the policy has been set to 'Allow', there is no limit.

Workaround

None.

Fix Information

Modify the db variable 'tmm.access.maxrequestbodysize' with a value larger than the maximum post body size you would like to support. The maximum supported value is 25000000 (25 MB).

Behavior Change