Difference between revisions of "F5 SMTP"
Jump to navigation
Jump to search
| Line 9: | Line 9: | ||
reject | reject | ||
} | } | ||
| − | log local0. "Client:[IP::client_addr]:[TCP::client_port]: SMTP Relay Connection to [virtual name] [IP::local_addr]:[TCP::local_port]" | + | #log local0. "Client:[IP::client_addr]:[TCP::client_port]: SMTP Relay Connection to [virtual name] [IP::local_addr]:[TCP::local_port]" |
| + | log local0. "Client:[IP::client_addr]:[TCP::client_port]:Server:[IP::local_addr]:[TCP::local_port]:SMTP Relay Connection to [virtual name]" | ||
} | } | ||
``` | ``` | ||
Latest revision as of 23:57, 28 March 2023
set logging in irule via TCL
Something like
when CLIENT_ACCEPTED {
# log local0. "Client:[IP::client_addr]:[TCP::client_port]: Connection to [virtual name] [IP::local_addr]:[TCP::local_port]"
if { not ([class match [IP::remote_addr] equals smtp_relay_allowed]) } {
log local0. "[IP::client_addr]:[TCP::client_port]: Rejecting client - not in list"
reject
}
#log local0. "Client:[IP::client_addr]:[TCP::client_port]: SMTP Relay Connection to [virtual name] [IP::local_addr]:[TCP::local_port]"
log local0. "Client:[IP::client_addr]:[TCP::client_port]:Server:[IP::local_addr]:[TCP::local_port]:SMTP Relay Connection to [virtual name]"
}
tail -f /var/log/ltm | grep "SMTP Relay"
head -n 10000000 ltm | grep "SMTP Relay" | awk -F: '{print $6,$9,$10}' | sort | uniq -c | head -n 10