Last Modified: Oct 13, 2023
Known Affected Versions:
126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124, 14.1.3, 126.96.36.199, 14.1.4, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199, 14.1.5, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124
Opened: Jan 20, 2020 Severity: 3-Major
You cannot enable firewall logging via tmsh or the GUI when only LTM is provisioned. AFM must be licensed and provisioned in order to configure firewall logging with tmsh or the GUI.
You cannot enable firewall logging to help with tracking or to aid in troubleshooting.
-- No AFM Provisioned -- v14.1.0 or newer. -- Using firewall rules to protect the management interface.
You can run the following command to view the counters from F5 rules easily with this command (output is very verbose): # /sbin/iptables -vL f5acl If you want to enable logging (output is very verbose), you can run the following command: /sbin/iptables -I f5acl -j LOG --log-prefix "IPTables-Dropped: " This will then log to /var/log/kern.log. To remove this change: /sbin/iptables -D f5acl -j LOG --log-prefix "IPTables-Dropped: "