
Deny SSLv3 Using aFlex

Requirement

Code

when CLIENT_ACCEPTED {
	# Decide per connection whether this client is exempt from the SSLv3 block.
	# sslv3pass = 1 -> client address (remote_addr is normally the client IP)
	#                  falls in an allow-listed subnet, old protocol tolerated
	# sslv3pass = 0 -> everyone else; CLIENT_DATA applies the version check
	# NOTE(review): 8.8.8.0/24 and 8.8.4.0/24 are presumably sample ranges;
	# replace them with the legacy-client networks that really need the
	# exemption and keep the list short. The match is on source address only,
	# so every client behind an allow-listed NAT or proxy address is exempt too.
	set sslv3pass 0
	if { [IP::addr [remote_addr] equals 8.8.8.0/24] || [IP::addr [remote_addr] equals 8.8.4.0/24] } {
		set sslv3pass 1
	}

	# Start collecting client payload so CLIENT_DATA can look at the first bytes.
	TCP::collect
}
 
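when CLIENT_DATA {
	# Read the first three bytes of the collected payload as the start of a
	# TLS record header: one byte of content type (rtype) followed by a
	# two-byte big-endian version (sslver). "S" is a signed 16-bit field, so a
	# value with the high bit set compares as negative in the check below.
	#
	# "binary scan" returns the number of fields it filled. With fewer than
	# three bytes collected, sslver is never set and reading it would raise a
	# script error. That case is handled explicitly so the outcome does not
	# depend on how the platform treats a failed script.
	set parsed [binary scan [TCP::payload] cS rtype sslver]

	# Logging costs performance on the unit; do not enable it in production.
#	log "$sslv3pass . $sslver"

	# SSL 3.0 -> 768 TLS 1.0 -> 769 TLS 1.1 -> 770  TLS 1.2 -> 771
	# TCP/443 and HTTPS
	# Clients that are not allow-listed are refused when the header cannot be
	# parsed (fail closed) or when it announces SSL 3.0 or lower.
	if { $sslv3pass == 0 } {
		if { $parsed < 2 } {
			reject
		} elseif { $sslver <= 768 } {
			reject
		}
	}

	# Caveat: sslver is the record-layer version, not the client_version inside
	# the ClientHello, and rtype is not checked. RFC 5246 Appendix E.1 allows a
	# client to send a lower record-layer version than it will negotiate, and
	# payloads that are not a TLS record are compared on whatever bytes 2-3
	# hold. Treat this rule as a coarse filter; disabling SSLv3 on the device
	# that terminates TLS remains the authoritative control.
	# NOTE(review): accepted connections are not explicitly released here;
	# confirm on the target aFlex release whether TCP::release is required.

	# HTTPS only. To redirect instead of rejecting, use the following line.
	# If enabled, initialise "red" to 0 first (e.g. in CLIENT_ACCEPTED) so the
	# HTTP_REQUEST handler never reads an unset variable.
#	if { ( $sslv3pass == 0 ) && ( $sslver <= 768 ) } { set red 1 }
}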

#when HTTP_REQUEST {
#	if {$red  == 1} {
#		HTTP::respond 302 Location "https://tw.gamania.com/" Cache-Control No-Cache Pragma No-Cache
#	}
#}