Bug ID 699495: SNMP ltmFwRuleStat provides incorrect AFM Policy Name after a certain length

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP AFM(all modules)

Known Affected Versions:
14.0.0,,,,,, 14.0.1,, 14.1.0,,,,,, 14.1.2,,,,,,,,, 14.1.3,, 14.1.4,,,,,,, 14.1.5,,,,,, 15.0.0, 15.0.1,,,,

Opened: Dec 19, 2017

Severity: 4-Minor


When a firewall rule policy name is longer than 63 characters, the retrieved SNMP entry value of the policy name will contains some prefix of the policy name followed by some random characters representing a hash value. The hash is done to limit the length of the policy name to be able to fit into SNMP packets.


The policy name retrieved from SNMP doffers from the name configured by the user, causing confusion when the user tries to correlate SNMP data with the configuration.


1. Configure AFM Policy with a long name and attach it to Global Context. 2. Perform SNMP walk for ltmFwRuleStat. 3. SNMP output shows unexpected AFM Policy Name For example, specifying 'Enforced-Policy-Global-IPv4-IPv6-Part1' results in 'Enforced-Policy-Global-IPv4-I4e2b9a53'.


There is no workaround other than limiting the policy name to a string that is shorter than 63 characters.

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips