-
AppExpert Applications and Templates
-
Configure application authentication, authorization, and auditing
-
-
Configuring Advanced Policy Expression: Getting Started
-
Configuring Advanced Policy Expressions in a Policy
-
Configuring Advanced Policy Expressions Outside the Context of a Policy
-
Advanced Policy Expressions: Working with Dates, Times, and Numbers
-
Advanced Policy Expressions: Parsing HTTP, TCP, and UDP Data
-
Advanced Policy Expressions: IP and MAC Addresses, Throughput, VLAN IDs
-
-
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Configure advanced policy expressions in a policy
You can configure an Advanced policy expression of up to 1,499 characters in a policy. The user interface for Advanced policy expressions depends to some extent on the feature for which you are configuring the expression, and on whether you are configuring an expression for a policy or for another use.
When configuring expressions on the command line, you delimit the expression by using quotation marks (“. . .” or ‘. . .’). Within an expression, you escape additional quotation marks by using a back-slash (). For example, the following are standard methods for escaping quotation marks in an expression:
"\"abc\""
‘\"abc\"’
You must also use a backslash to escape question marks and other backslashes on the command line. For example, the expression http.req.url.contains(“\?”) requires a backslash so that the question mark is parsed. Note that the backslash character will not appear on the command line after you type the question mark. On the other hand, if you escape a backslash (for example, in the expression ‘http.req.url.contains(“\\http”)’), the escape characters are echoed on the command line.
To make an entry more readable, you can escape the quotation marks for an entire expression. At the start of the expression you enter the escape sequence “q” plus one of the following special characters: /{< | ~$^+=&%@`?. |
You enter only the special character at the end of the expression, as follows:
q@http.req.url.contains("sometext") && http.req.cookie.exists@
q~http.req.url.contains("sometext") && http.req.cookie.exists~
<!--NeedCopy-->
Note that an expression that uses the { delimiter is closed with }.
For some features (for example, Integrated Caching and Responder), the policy configuration dialog box provides a secondary dialog box for configuring expressions. This dialog enables you to choose from drop-down lists that show the available choices at each point during expression configuration. You cannot use arithmetic operators when using these configuration dialogs, but most other advanced policy expression features are available. To use arithmetic operators , write your expressions in free-form format.
Configure an Advanced policy syntax rule by using the CLI
Note:
Default syntax policy is now renamed as Advanced policy.
At the command prompt, type the following commands to configure a default syntax rule and verify the configuration:
-
add cache|dns|rewrite|cs policy policyName \*\*-rule\*\* expression featureSpecificParameters \*\*-action\*\*
-
show cache|dns|rewrite|cs policy policyName
Following is an example of configuring a caching policy:Example:
> add cache policy pol-cache -rule http.req.content_length.le(5) -action INVAL Done > show cache policy pol-cache Name: pol-cache Rule: http.req.content_length.le(5) CacheAction: INVAL Invalidate groups: DEFAULT UndefAction: Use Global Hits: 0 Undef Hits: 0 Done <!--NeedCopy-->
Configure a default syntax policy expression by using the GUI
-
In the navigation pane, click the name of the feature where you want to configure a policy, for example, you can select Integrated Caching, Responder, DNS, Rewrite, or Content Switching, and then click Policies.
-
Click Add.
-
For most features, click in the Expression field. For content switching, click Configure.
-
Click the Prefix icon (the house) and select the first expression prefix from the drop-down list. For example, in Responder, the options are HTTP, SYS, and CLIENT. The next set of applicable options appear in a drop-down list.
-
Double-click the next option to select it, and then type a period (.). Again, a set of applicable options appears in another drop-down list.
-
Continue selecting options until an entry field (signalled by parentheses) appears. When you see an entry field, enter an appropriate value in the parentheses. For example, if you select GT(int) (greater-than, integer format), you specify an integer in the parentheses. Text strings are delimited by quotation marks. Following is an example:
HTTP.REQ.BODY\(1000).BETWEEN\(\"this\",\"that\")
-
To insert an operator between two parts of a compound expression, click the Operators icon (the sigma), and select the operator type. Following is an example of a configured expression with a Boolean OR (signalled by double vertical bars, ) HTTP.REQ.URL.EQ\(\"www.mycompany.com\")\||HTTP.REQ.BODY\(1000).BETWEEN\(\"this\",\"that\")
-
To insert a named expression, click the down arrow next to the Add icon (the plus sign) and select a named expression.
-
To configure an expression using drop-down menus, and to insert built-in expressions, click the Add icon (the plus sign). The Add Expression dialog box works in a similar way to the main dialog box, but it provides drop-down lists for selecting options, and it provides text fields for data entry instead of parentheses. This dialog box also provides a Frequently Used Expressions drop-down list that inserts commonly used expressions. When you are done adding the expression, click OK.
- When finished, click Create. A message in the status bar indicates that the policy expression is configured successfully.
Test a default syntax expression by using the GUI
- In the navigation pane, click the name of the feature for which you want to configure a policy (for example, you can select Integrated Caching, Responder, DNS, Rewrite, or Content Switching), and then click Policies.
- Select a policy and click Open.
- To test the expression, click the Evaluate icon (the check mark).
- In the expression evaluator dialog box, select the Flow Type that matches the expression.
- In the HTTP Request Data or HTTP Response Data field, paste the HTTP request or response that you want to parse with the expression, and click Evaluate. Note that you must supply a complete HTTP request or response, and the header and body should be separated by blank line. Some programs that trap HTTP headers do not also trap the response. If you are copying and pasting only the header, insert a blank line at the end of the header to form a complete HTTP request or response.
- Click Close to close this dialog box.
Share
Share
This Preview product documentation is Cloud Software Group Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Cloud Software Group Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Cloud Software Group product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.