Bug ID 699284: ICMP drop logs sometimes have wrong logging field values

Last Modified: Jun 30, 2019

Affected Product:
BIG-IP AFM (all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4

Fixed In:
13.0.0, 12.1.4.1

Opened: Dec 18, 2017
Severity: 3-Major

Symptoms

With an ACL policy configured to allow a restricted set of traffic (say, TCP packets) while disallowing ICMP, client ICMP messages are rightfully dropped. However, with ACL logging enabled, the drop logs show wrong values. The values sometimes show a TCP packet being dropped instead of ICMP.

Impact

Functionally, the ACL dropping behavior is correct. But because the logging fields are displayed incorrectly, it appears as if a packet that was not supposed to be dropped is being wrongly rejected. There is no functional impact; the problem is only that the logging information is wrong.

Conditions

An ICMP packet is configured to be dropped through an ACL rule policy, with logging enabled on the ACL rule; the logs generated have wrong values. Sometimes the field values for ICMP are totally wrong, and the entry can show up as a TCP connection being dropped (especially when the most recent request was a TCP connection).

Workaround

None

Fix Information

None

Behavior Change