Application Delivery (ADX)

Reply
Occasional Contributor
Posts: 11
Registered: ‎06-16-2011

Serveriron 4G-SSL: match rules doesn't generate log

Hi

We have some CSW rules on the ServerIron:

csw-rule "persistent-session" header "cookie" search "SERVERID=" case-insensitive
csw-rule "redirect-domain" header "host" equals "ourdomain.tld" case-insensitive

and I have bind them to a policy:

csw-policy "ourpolicy" case-insensitive
match "persistent-session" persist offset 0 length 4 group-or-server-id

match "persistent-session" rewrite request-insert client-ip

match "persistent-session" log

match "redirect-domain" redirect "www.ourdomain.tld" ""

match "redirect-domain" log
default forward 10

default log
default rewrite insert-cookie "SERVERID"
default rewrite request-insert client-ip
default rewrite response-insert header

the policy is active on a VS:

server virtual app-lb 192.168.50.10
sticky-age 35
predictor round-robin
port http                                                       
port http tcp-only
port http csw-policy "redirect"
port http csw
port ssl sticky
port ssl tcp-only
port ssl ssl-terminate val-pro
port ssl cookie-name "ServerID"
port ssl csw-policy "ourpolicy"
port ssl csw
port ssl request-insert "Front-end-https: on"
bind http app 81 app 82
bind ssl app 91 real-port 81 app 92 real-port 82

and we have configured the logging server:

logging 172.16.15.62
logging facility syslog

We see in the log if someone connected to the serveriron and the acl rules (deny ip any any log) but we dont see the match rules log... Why?

TiA

Greetz

N/A
Posts: 1
Registered: ‎03-28-2012

Re: Serveriron 4G-SSL: match rules doesn't generate log

I have the same issue, CSW-policy just doesn't seem to work.

Have you figured it out yet?

Occasional Contributor
Posts: 11
Registered: ‎06-16-2011

Re: Serveriron 4G-SSL: match rules doesn't generate log

negative, the other csw rules workes but I dont see the log entries (the log part is not working)

Contributor
Posts: 47
Registered: ‎07-14-2010

Re: Serveriron 4G-SSL: match rules doesn't generate log

CSW log  does not generate a syslog message via source-ip interface where ACL logs are performed on MP.

If that is not the case, could you show me your show run and version ?

Thanks.

//Kono

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.