ltm rule event CLIENTSSL CLIENTHELLO
iRule(1) BIG-IP TMSH Manual iRule(1)
CLIENTSSL_CLIENTHELLO
Triggered when the system has received the client's SSL ClientHello
message.
DESCRIPTION
Triggered when the system has received the client's SSL ClientHello
message, and before the system sends its SSL ServerHello message. Zero
or more SSL extensions may be received from or sent to the peer at this
stage in the SSL handshake.
Examples
when CLIENTSSL_CLIENTHELLO {
set my_ext "Hello world!"
set my_ext_type 62965
SSL::extensions insert [binary format S1S1a* $my_ext_type [string length $my_ext] $my_ext]
}
when CLIENTSSL_CLIENTHELLO {
set ext_count [SSL::extensions count]
log local0.info "SSL::extensions count = $ext_count"
for {set i 0} {$i<$ext_count} {incr i} {
binary scan [SSL::extensions -index $i] S1S1H* ext_type ext_len ext
set ext_type [expr {$ext_type & 0xffff}]
set ext_len [expr {$ext_len & 0xffff}]
log local0.info "SSL extension #[expr {$i + 1}]: (type $ext_type len $ext_len) $ext"
}
}
Sample log output:
: SSL::extensions count = 1
: SSL extension #1: (type 65281 len 1) 00
HINTS
SEE ALSO
CHANGE LOG
@BIGIP-11.1.0 --First introduced the event.
BIG-IP 2017-01-31 iRule(1)