Forum Discussion

Chris_Olson
Jul 01, 2019

How do I validate compression profile is working?

I am using the below compression profile for JSON. Dev is claiming it is not working on some sites even though I have it applied to the VIP. How do I validate that it is actually working using TMSH?

 

    ltm profile http-compression Http_compression-json {
        app-service none
        content-type-exclude { .*\\.pdf .*\\.gif .*\\.bmp oriongeocodemanager.asmx .*\\.jpg }
        content-type-include { text/ "application/(xml|x-javascript|json)" text/.* .*\\.css .*\\.js ".* " .png .*\\.htc }
        defaults-from httpcompression
    }

1 Reply

  • You could view the counters live or periodically:

    # tmsh show ltm profile http-compression Http_compression-json
    # watch 'tmsh show ltm profile http-compression Http_compression-json'

    You could also take a concurrent client- and server-side capture, decrypt it, and look at the first request to see that the Accept-Encoding header exists on the request ingress to the F5 and is gone on egress from the F5 to the server. Then the response egress from the F5 back to the client should contain a Content-Encoding header and no Accept-Encoding header.

    == From K15434 ==

    When you configure an HTTP Compression profile and assign it to a virtual server, the BIG-IP system reads the Accept-Encoding header of a client request and determines what content encoding method the client prefers. The BIG-IP system then removes the Accept-Encoding header from the request and passes the request to the server. Upon receiving the server response, the BIG-IP system inserts the Content-Encoding header, specifying either the gzip or deflate, based on the compression method that the client specifies in the Accept-Encoding header.

    == Decrypt Traffic ==

    Create this iRule and apply it to the virtual server, changing '<client_IP_addr>':

    when CLIENTSSL_HANDSHAKE {
      if {[IP::addr [IP::client_addr] equals <client_IP_addr>] } {
        log local0. "[TCP::client_port] :: RSA Session-ID:[SSL::sessionid] Master-Key:[SSL::sessionsecret]"
      }
    }
    when SERVERSSL_HANDSHAKE {
      if {[IP::addr [IP::client_addr] equals <client_IP_addr>] } {
        log local0. "[TCP::client_port] :: RSA Session-ID:[SSL::sessionid] Master-Key:[SSL::sessionsecret]"
      }
    }

    Run this capture command:

    # tcpdump -s0 -ni 0.0:nnnp -w /var/tmp/<filename>.pcap host <test_client_ip> and host <virtual_server_IP> -vv

    Follow steps 11 and 12 in K12783074.

    K12783074: Decrypting SSL traffic using the SSL::sessionsecret iRules command (12.x and later) https://support.f5.com/csp/article/K12783074

    K15434: Overview of the HTTP Compression profile https://support.f5.com/csp/article/K15434
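
The header comparison described in the reply can be scripted once the three HTTP messages have been copied out of the decrypted capture. This is an added example, not part of the original post or F5's tooling; the function names, the host name and the sample messages are constructed for illustration.

```python
# Added example: checks the header behaviour quoted from K15434 on HTTP
# messages taken from a decrypted capture. Sample messages are constructed.

def parse_headers(raw):
    """Return {lowercased-name: value} for the head of one HTTP message."""
    head = raw.replace("\r\n", "\n").strip().split("\n\n", 1)[0]
    headers = {}
    for line in head.split("\n")[1:]:          # skip the request/status line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers

def accepted_codings(value):
    """Codings listed in Accept-Encoding that are not refused with q=0."""
    codings = set()
    for item in value.split(","):
        token, _, params = item.partition(";")
        qvalue = params.strip().lower()
        refused = qvalue.startswith("q=") and float(qvalue[2:] or 0) == 0.0
        if token.strip() and not refused:
            codings.add(token.strip().lower())
    return codings

def check_compression(client_req, server_req, client_resp):
    """Return a list of findings; an empty list means the flow matches K15434."""
    creq, sreq, resp = map(parse_headers, (client_req, server_req, client_resp))
    offered = accepted_codings(creq.get("accept-encoding", ""))
    if not offered & {"gzip", "deflate"}:
        return ["client did not offer gzip or deflate; nothing to compress"]
    findings = []
    if "accept-encoding" in sreq:
        findings.append("Accept-Encoding still present on server-side request")
    used = resp.get("content-encoding", "").lower()
    if not used:
        # Report the Content-Type so it can be compared with content-type-include.
        findings.append("no Content-Encoding on client-side response (Content-Type: %s)"
                        % resp.get("content-type", "missing"))
    elif used not in offered:
        findings.append("Content-Encoding %s was not offered by the client" % used)
    return findings

CLIENT_REQ = "GET /api/orders HTTP/1.1\r\nHost: app.example.com\r\nAccept-Encoding: gzip, deflate\r\n\r\n"
SERVER_REQ = "GET /api/orders HTTP/1.1\r\nHost: app.example.com\r\n\r\n"
RESP_OK = "HTTP/1.1 200 OK\r\nContent-Type: application/json\r\nContent-Encoding: gzip\r\n\r\n"
RESP_PLAIN = "HTTP/1.1 200 OK\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 5120\r\n\r\n"

if __name__ == "__main__":
    for label, resp in (("compressed", RESP_OK), ("uncompressed", RESP_PLAIN)):
        print(label, check_compression(CLIENT_REQ, SERVER_REQ, resp) or "OK")
```

A finding that names the response Content-Type tells you which value to compare against the profile's content-type-include and content-type-exclude lists.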