Last Modified: Nov 07, 2022
Affected Product(s):
BIG-IP AFM
Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1
Fixed In:
14.0.0, 13.1.1.2, 12.1.4.1
Opened: Sep 29, 2017 Severity: 3-Major
When there are scheduled firewall rules, and the BIG-IP system is restarted or PCCD daemon is restarted, new blob compilation succeeds, but TMM fails to activate the new blob. Both GUI and TMSH show error status: Firewall rules deployment failed. After the system gets in this state it cannot be fixed except by removing or disabling all scheduled firewall rules.
After this failure, firewall rules are not applied on data traffic.
-- There are scheduled firewall rules. -- The BIG-IP system is restarted or the PCCD daemon is restarted.
Remove or disable all scheduled firewall rules.
New blob deployed and new firewall rules applied successfully.
