[[a10:slb:aflex:http:deny-sslv3:deny_sslv3_using_aflex]]
足跡:
顯示頁面
管理選單最近更新網站地圖

差異處

這裏顯示兩個版本的差異處。

連向這個比對檢視

兩邊的前次修訂版前次修改
下次修改		前次修改
a10:slb:aflex:http:deny-sslv3:deny_sslv3_using_aflex [2014/12/03 17:33] – [Deny SSLv3 Using aFlex] jala10:slb:aflex:http:deny-sslv3:deny_sslv3_using_aflex [2014/12/08 16:40] (目前版本) jal
行 12: 行 12:
  # Check Remote Client IP (Remote_Addr usually means clinet IP)  # Check Remote Client IP (Remote_Addr usually means clinet IP)
  if { [IP::addr [remote_addr] equals 8.8.8.0/24] } {  if { [IP::addr [remote_addr] equals 8.8.8.0/24] } {
- set sslpass 1+ set sslv3pass 1 
 + } elseif { [IP::addr [remote_addr] equals 8.8.4.0/24] } { 
 + set sslv3pass 1
  } else {  } else {
- set sslpass 0+ set sslv3pass 0
  }  }
  TCP::collect  TCP::collect
行 22: 行 24:
  binary scan [TCP::payload] cS rtype sslver  binary scan [TCP::payload] cS rtype sslver
  
-        log "$sslpass . $sslver"+ # log will affect unit performance, DO NOT Use it when production. 
 +# log "$sslv3pass . $sslver"
  
  # SSL 3.0 -> 768 TLS 1.0 -> 769 TLS 1.1 -> 770  TLS 1.2 -> 771  # SSL 3.0 -> 768 TLS 1.0 -> 769 TLS 1.1 -> 770  TLS 1.2 -> 771
  # TCP/443 and HTTPS  # TCP/443 and HTTPS
- if { ( $sslpass == 0 ) && ( $sslver <= 768 ) } { reject }+ if { ( $sslv3pass == 0 ) && ( $sslver <= 768 ) } { reject }
  
  # HTTPS only. If you want to redirect traffic, you can used follow line.  # HTTPS only. If you want to redirect traffic, you can used follow line.
-# if { ( $sslpass == 0 ) && ( $sslver <= 768 ) } { set red 1 }+# if { ( $sslv3pass == 0 ) && ( $sslver <= 768 ) } { set red 1 }
 } }
  
a10/slb/aflex/http/deny-sslv3/deny_sslv3_using_aflex.1417628004.txt.gz · 上一次變更: 2014/12/03 17:33 由 jal
顯示頁面舊版
多媒體管理器回到頁頂
上一頁 | 下一頁 | 回首頁 | RSS Feed | Facebook
Copyright © 2000 - 2025 jal.tw All Rights Reserved.