差異處
這裏顯示兩個版本的差異處。
兩邊的前次修訂版前次修改 下次修改 | 前次修改 | ||
a10:slb:aflex:http:deny-sslv3:deny_sslv3_using_aflex [2014/12/03 17:33] – [Deny SSLv3 Using aFlex] jal | a10:slb:aflex:http:deny-sslv3:deny_sslv3_using_aflex [2014/12/08 16:40] (目前版本) – jal | ||
---|---|---|---|
行 12: | 行 12: | ||
# Check Remote Client IP (Remote_Addr usually means clinet IP) | # Check Remote Client IP (Remote_Addr usually means clinet IP) | ||
if { [IP::addr [remote_addr] equals 8.8.8.0/24] } { | if { [IP::addr [remote_addr] equals 8.8.8.0/24] } { | ||
- | set sslpass | + | set sslv3pass 1 |
+ | } elseif { [IP::addr [remote_addr] equals 8.8.4.0/24] } { | ||
+ | set sslv3pass | ||
} else { | } else { | ||
- | set sslpass | + | set sslv3pass |
} | } | ||
TCP:: | TCP:: | ||
行 22: | 行 24: | ||
binary scan [TCP:: | binary scan [TCP:: | ||
- | | + | # log will affect unit performance, |
+ | # log "$sslv3pass | ||
# SSL 3.0 -> 768 TLS 1.0 -> 769 TLS 1.1 -> 770 TLS 1.2 -> 771 | # SSL 3.0 -> 768 TLS 1.0 -> 769 TLS 1.1 -> 770 TLS 1.2 -> 771 | ||
# TCP/443 and HTTPS | # TCP/443 and HTTPS | ||
- | if { ( $sslpass | + | if { ( $sslv3pass |
# HTTPS only. If you want to redirect traffic, you can used follow line. | # HTTPS only. If you want to redirect traffic, you can used follow line. | ||
- | # if { ( $sslpass | + | # if { ( $sslv3pass |
} | } | ||