Bug ID 701299

Bug Tracker
ID 701299

Bug ID 701299: Protocol Inspection: config validation for GTP Compliance Check does not catch inclusion of APN in both disallowed_apns and allowed_apns

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP AFM(all modules)

Known Affected Versions:
14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1

Opened: Jan 10, 2018

Severity: 4-Minor

Symptoms

A user can include the same APN in the GTP compliance checks disallowed_apns and allowed_apns.

Impact

A logically inconsistent configuration is validated. The resultant behavior might be unexpected. If an APN is on the "Disallowed APNs" list, traffic from matching APNs will be dropped even if they are on the "Allowed APNs" list.

Conditions

Protocol Inspection configured to enable GTP compliance checks with a given APN specified in both the "Allowed APNs" and "Disallowed APNs" lists.

Workaround

Review configuration manually and catch these configuration conflicts.

Fix Information

None

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips

Bug ID 701299: Protocol Inspection: config validation for GTP Compliance Check does not catch inclusion of APN in both disallowed_apns and allowed_apns

Symptoms

Impact

Conditions

Workaround

Fix Information

Behavior Change

Guides & references

Have a question?

About F5

Education

F5 sites

Support Tasks

Bug ID 701299: Protocol Inspection: config validation for GTP Compliance Check does not catch inclusion of APN in both disallowed_apns and allowed_apns

Symptoms

Impact

Conditions

Workaround

Fix Information

Behavior Change

Guides & references

Have a question?

Follow Us

About F5

Education

F5 sites

Support Tasks