LocalLB::ProfileClientSSL::set_forward_proxy_bypass_default_action

Introduced : BIG-IP_v11.5.0
Sets the SSL forward proxy bypass default action for the specified client SSL profiles. The default value is intercept. Example: If a user configures the SSL forward proxy bypass default action to intercept, below is what the system does. 1. Check packet&aposs destination IP address against entries in destination IP blacklist. If there is a match, the packet will go through SSL forward proxy (or the packet is intercepted by SSL forward proxy). 2. If there is no match in 1, the system will check packet&aposs destination IP address against entries in destination IP whitelist. If there is a match, the packet will bypass the SSL forward proxy. 3. If still there is no match, the system will go to the next stage which is to compare the source IP and hostname similar to step 1 & 2. 4. If there are no matches after all, the packet will be set to the default action which in this case is to intercept. If the SSL forward proxy bypass default action is set to bypass, the steps will be 2, 1, 3, 4. In 4, the default action is to bypass.

Prototype

 set_forward_proxy_bypass_default_action(
    in String [] profile_names,
    in LocalLB__ProfileForwardProxyBypassDefaultAction [] actions
);

Parameters

Parameter Type Description
profile_names String [] The names of the client SSL profiles.
actions ProfileForwardProxyBypassDefaultAction [] The SSL forward proxy bypass default action for the specified client SSL profiles.

Return Type

Type Description
void  

Exceptions

Exception Description
Common::AccessDenied Raised if the client credentials are not valid.
Common::InvalidArgument Raised if one of the arguments is invalid.
Common::OperationFailed Raised if an operation error occurs.

See Also

iControl ::
iControl :: LocalLB :: ProfileClientSSL

Warning

The links to the sample code below are remnants of the old DevCentral wiki and will result in a 404 error. For best results, please copy the link text and search the codeshare directly on DevCentral.

Sample Code


Copyright © 1996-2012, F5 Networks, Inc. All rights reserved.

The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.