Master list of iRule Commands

AAA AAA::acct_result, AAA::acct_send, AAA::auth_result, AAA::auth_send
ACCESS ACCESS::acl, ACCESS::disable, ACCESS::enable, ACCESS::flowid, ACCESS::log, ACCESS::oauth, ACCESS::perflow, ACCESS::policy, ACCESS::respond, ACCESS::restrict_irule_events, ACCESS::saml, ACCESS::session, ACCESS::user, ACCESS::uuid, ACCESS2::access2_proc
ACL ACL::action, ACL::eval
ADAPT ADAPT::allow, ADAPT::context_create, ADAPT::context_current, ADAPT::context_delete_all, ADAPT::context_name, ADAPT::context_static, ADAPT::enable, ADAPT::preview_size, ADAPT::result, ADAPT::select, ADAPT::service_down_action, ADAPT::timeout
ADM ADM::health, ADM::is_ip_slowdown, ADM::is_mitigated
AES AES::decrypt, AES::encrypt, AES::key
ANTIFRAUD ANTIFRAUD::alert_additional_info, ANTIFRAUD::alert_bait_signatures, ANTIFRAUD::alert_component, ANTIFRAUD::alert_defined_value, ANTIFRAUD::alert_device_id, ANTIFRAUD::alert_expected_value, ANTIFRAUD::alert_fingerprint, ANTIFRAUD::alert_forbidden_added_element, ANTIFRAUD::alert_guid, ANTIFRAUD::alert_html, ANTIFRAUD::alert_http_referrer, ANTIFRAUD::alert_id, ANTIFRAUD::alert_license_id, ANTIFRAUD::alert_min, ANTIFRAUD::alert_origin, ANTIFRAUD::alert_resolved_value, ANTIFRAUD::alert_score, ANTIFRAUD::alert_transaction_data, ANTIFRAUD::alert_transaction_id, ANTIFRAUD::alert_type, ANTIFRAUD::alert_username, ANTIFRAUD::alert_view_id, ANTIFRAUD::disable, ANTIFRAUD::disable_alert, ANTIFRAUD::disable_app_layer_encryption, ANTIFRAUD::disable_auto_transactions, ANTIFRAUD::disable_injection, ANTIFRAUD::disable_malware, ANTIFRAUD::disable_phishing, ANTIFRAUD::enable, ANTIFRAUD::enable_log, ANTIFRAUD::fingerprint, ANTIFRAUD::result
APM ACCESS::acl, ACCESS::disable, ACCESS::enable, ACCESS::log, ACCESS::oauth, ACCESS::policy, ACCESS::respond, ACCESS::restrict_irule_events, ACCESS::session, ACCESS::user, ACCESS::uuid, REWRITE::disable, REWRITE::enable, REWRITE::payload, REWRITE::post_process, WEBSSO::disable, WEBSSO::enable, WEBSSO::select
ASM ASM::client_ip, ASM::disable, ASM::enable, ASM::fingerprint, ASM::payload, ASM::raise, ASM::severity, ASM::signature, ASM::status, ASM::support_id, ASM::unblock, ASM::violation, ASM::violation_data, DOSL7::disable, DOSL7::enable, DOSL7::profile
ASN1 ASN1::decode, ASN1::element, ASN1::encode
AUTH AUTH::abort, AUTH::authenticate, AUTH::authenticate_continue, AUTH::cert_credential, AUTH::cert_issuer_credential, AUTH::last_event_session_id, AUTH::password_credential, AUTH::response_data, AUTH::ssl_cc_ldap_status, AUTH::ssl_cc_ldap_username, AUTH::start, AUTH::status, AUTH::subscribe, AUTH::unsubscribe, AUTH::username_credential, AUTH::wantcredential_prompt, AUTH::wantcredential_prompt_style, AUTH::wantcredential_type
AVR AVR::disable, AVR::enable, AVR::log, AVR::disable_cspm_injection
BOTDEFENSE BOTDEFENSE::action, BOTDEFENSE::bot_signature, BOTDEFENSE::bot_signature_category, BOTDEFENSE::captcha_age, BOTDEFENSE::captcha_status, BOTDEFENSE::client_type, BOTDEFENSE::cookie_age, BOTDEFENSE::cookie_status, BOTDEFENSE::cs_allowed, BOTDEFENSE::cs_attribute, BOTDEFENSE::cs_possible, BOTDEFENSE::device_id, BOTDEFENSE::disable, BOTDEFENSE::enable, BOTDEFENSE::previous_action, BOTDEFENSE::previous_request_age, BOTDEFENSE::previous_support_id, BOTDEFENSE::reason, BOTDEFENSE::support_id
BWC BWC::color, BWC::mark, BWC::measure, BWC::policy, BWC::pps, BWC::priority, BWC::rate
CACHE CACHE::accept_encoding, CACHE::age, CACHE::disable, CACHE::enable, CACHE::expire, CACHE::header, CACHE::headers, CACHE::hits, CACHE::payload, CACHE::priority, CACHE::trace, CACHE::uri, CACHE::useragent, CACHE::userkey
CATEGORY CATEGORY::analytics, CATEGORY::filetype, CATEGORY::matchtype, CATEGORY::result, CATEGORY::safesearch, CATEGORY::lookup
CLASSIFICATION CLASSIFICATION::app, CLASSIFICATION::category, CLASSIFICATION::disable, CLASSIFICATION::enable, CLASSIFICATION::protocol, CLASSIFICATION::result, CLASSIFICATION::urlcat, CLASSIFICATION::username
CLASSIFY CLASSIFY::application, CLASSIFY::category, CLASSIFY::defer, CLASSIFY::urlcat
COMPRESS COMPRESS::buffer_size, COMPRESS::disable, COMPRESS::enable, COMPRESS::gzip, COMPRESS::method
CRYPTO CRYPTO::decrypt, CRYPTO::encrypt, CRYPTO::hash, CRYPTO::keygen, CRYPTO::sign, CRYPTO::verify
DATAGRAM DATAGRAM::dns, DATAGRAM::ip, DATAGRAM::ip6, DATAGRAM::l2, DATAGRAM::tcp, DATAGRAM::udp
DHCP DHCP::version, DHCPv4::hlen, DHCPv4::htype, DHCPv4::chaddr, DHCPv4::ciaddr, DHCPv4::drop, DHCPv4::giaddr, DHCPv4::hops, DHCPv4::len, DHCPv4::opcode, DHCPv4::option, DHCPv4::reject, DHCPv4::secs, DHCPv4::siaddr, DHCPv4::type, DHCPv4::xid, DHCPv4::yiaddr, DHCPv6::drop, DHCPv6::hop_count, DHCPv6::len, DHCPv6::link_address, DHCPv6::msg_type, DHCPv6::option , DHCPv6::peer_address, DHCPv6::reject, DHCPv6::transaction_id
DIAMETER DIAMETER::avp, DIAMETER::command, DIAMETER::disconnect, DIAMETER::drop, DIAMETER::header, DIAMETER::host, DIAMETER::is_request, DIAMETER::is_response, DIAMETER::is_retransmission, DIAMETER::length, DIAMETER::message, DIAMETER::payload, DIAMETER::persist, DIAMETER::realm, DIAMETER::respond, DIAMETER::result, DIAMETER::retransmission, DIAMETER::retransmission_default, DIAMETER::retransmission_reason, DIAMETER::retransmit, DIAMETER::retry, DIAMETER::route_status, DIAMETER::session, DIAMETER::state
DNS DNS::additional, DNS::answer, DNS::authority, DNS::class, DNS::disable, DNS::drop, DNS::edns0, DNS::enable, DNS::header, DNS::is_wideip, DNS::last_act, DNS::len, DNS::name, DNS::origin, DNS::ptype, DNS::query, DNS::question, DNS::rdata, DNS::return, DNS::rr, DNS::rrname, DNS::rrtype, DNS::scrape, DNS::tsig, DNS::ttl, DNS::type, whereis
DNSMSG DNSMSG::header, DNSMSG::record, DNSMSG::section
DOSL7 DOSL7::disable, DOSL7::enable, DOSL7::health, DOSL7::is_ip_slowdown, DOSL7::is_mitigated, DOSL7::profile
DSLITE DSLITE::remote_addr
ECA ECA::disable, ECA::domainname, ECA::enable, ECA::metadata, ECA::status, ECA::username
FIX BIGPROTO::enable_fix_reset, FIX::tag
FLOW FLOW::create_related, FLOW::idle_duration, FLOW::idle_timeout, FLOW::peer, FLOW::priority, FLOW::refresh, FLOW::this
FLOWTABLE FLOWTABLE::count, FLOWTABLE::limit
FTP FTP::allow_active_mode, FTP::disable, FTP::enable, FTP::enforce_tls_session_reuse, FTP::ftps_mode, FTP::port
GENERICMESSAGE GENERICMESSAGE::message, GENERICMESSAGE::peer, GENERICMESSAGE::route
GLOBAL accumulate, ACL::eval, active_members, active_nodes, after, b64decode, b64encode, BIGTCP::release_flow, call, CATEGORY::lookup, class, client_addr, client_port, clientside, clone, CONNECTOR::disable, CONNECTOR::enable, cpu, crc32, decode_uri, DECOMPRESS::disable, DECOMPRESS::enable, DEMANGLE::disable, DEMANGLE::enable, discard, DNSMSG::header, DNSMSG::record, DNSMSG::section, domain, drop, event, findclass, findstr, forward, FTP::port, getfield, HA::status, htonl, htons, http_cookie, http_header, http_host, http_method, http_uri, http_version, ifile, imid, ip_addr, ip_protocol, ip_tos, ip_ttl, lasthop, link_qos, listen, llookup, local_addr, log, matchclass, matchregion, md5, members, nexthop, node, nodes, ntohl, ntohs, Operators, peer, pem_dtos, persist, pool, priority, rateclass, redirect, reject, relate_client, relate_server, remote_addr, RESOLV::lookup, RESOLVER::summarize, RESOLVER::name_lookup, REST::send, return, rmd160, server_addr, server_port, serverside, session, sha1, sha256, sha384, sha512, sharedvar, snat, snatpool, substr, table, tcl_platform, timing, TMM::cmp_count, TMM::cmp_group, TMM::cmp_unit, traffic_group, translate, urlcatblindquery, urlcatquery, use, VALIDATE::protocol, virtual, vlan_id, when, whereis
GTM discard, DNS::additional, DNS::answer, DNS::authority, DNS::class, DNS::disable, DNS::drop, DNS::edns0, DNS::enable, DNS::header, DNS::last_act, DNS::len, DNS::name, DNS::origin, DNS::ptype, DNS::query, DNS::question, DNS::rdata, DNS::return, DNS::rr, IP::client_addr
GTP GTP::discard, GTP::header, GTP::header extension, GTP::ie, GTP::length, GTP::message, GTP::payload, GTP::tunnel
HA HA::status
High Speed Logging HSL::open, HSL::send
HTML HTML::comment , HTML::disable, HTML::enable, HTML::tag, HTML::tag attribute
HTTP HTTP::class, HTTP::close, HTTP::collect, HTTP::cookie, HTTP::disable, HTTP::enable, HTTP::fallback, HTTP::has_responded, HTTP::header, HTTP::host, HTTP::hsts, HTTP::is_keepalive, HTTP::is_redirect, HTTP::method, HTTP::passthrough_reason, HTTP::password, HTTP::path, HTTP::payload, HTTP::proxy, HTTP::query, HTTP::redirect, HTTP::reject_reason, HTTP::release, HTTP::request, HTTP::request_num, HTTP::respond, HTTP::retry, HTTP::status, HTTP::uri, HTTP::username, HTTP::version
HTTP2 HTTP2::active, HTTP2::disable, HTTP2::disconnect, HTTP2::enable, HTTP2::push, HTTP2::requests, HTTP2::stream, HTTP2::version, HTTP2::concurrency
ICAP ICAP::header, ICAP::method, ICAP::status, ICAP::uri
ILX ILX::call, ILX::init, ILX::notify
IMAP IMAP::activation_mode, IMAP::disable, IMAP::enable
IP IP::addr, IP::client_addr, IP::hops, IP::idle_timeout, IP::intelligence, IP::local_addr, IP::protocol, IP::remote_addr, IP::server_addr, IP::stats, IP::tos, IP::ttl, IP::version, IP::reputation
IPFIX IPFIX::destination, IPFIX::msg, IPFIX::template
ISESSION ISESSION::deduplication
iStats ISTATS::remove, ISTATS::get, ISTATS::incr, ISTATS::set
IVS IVS_ENTRY::result
L7CHECK L7CHECK::protocol
LB LB::bias, LB::class, LB::command, LB::connect, LB::connlimit, LB::context_id, LB::detach, LB::down, LB::dst_tag, LB::enable_decisionlog, LB::mode, LB::persist, LB::prime, LB::reselect, LB::select, LB::server, LB::snat, LB::src_tag, LB::status, LB::up, LB::queue
LINK LINK::lasthop, LINK::nexthop, LINK::qos, LINK::vlan_id
LSN LSN::inbound-entry, LSN::address, LSN::disable, LSN::inbound, LSN::persistence, LSN::persistence-entry, LSN::pool, LSN::port
MESSAGE MESSAGE::field, MESSAGE::proto, MESSAGE::type
MQTT MQTT::clean_session, MQTT::client_id, MQTT::collect, MQTT::disable, MQTT::disconnect, MQTT::drop, MQTT::dup, MQTT::enable, MQTT::insert, MQTT::keep_alive, MQTT::length, MQTT::message, MQTT::packet_id, MQTT::password, MQTT::payload, MQTT::protocol_name, MQTT::protocol_version, MQTT::qos, MQTT::release, MQTT::replace, MQTT::respond, MQTT::retain, MQTT::return_code, MQTT::return_code_list, MQTT::session_present, MQTT::topic, MQTT::type, MQTT::username, MQTT::will
MR MR::collect, MR::connect_back_port, MR::connection_instance, MR::connection_mode, MR::equivalent_transport, MR::flow_id, MR::ignore_peer_port, MR::instance, MR::max_retries, MR::message, MR::payload, MR::peer, MR::prime, MR::protocol, MR::release, MR::restore, MR::retry, MR::return, MR::store, MR::stream, MR::transport
NAME Deprecated NAME::lookup, NAME::response
NSH NSH::context, NSH::mimic, NSH::path_id, NSH::service_index
NTLM NTLM::disable, NTLM::enable
ONECONNECT ONECONNECT::detach, ONECONNECT::label, ONECONNECT::reuse
PCP PCP::reject, PCP::request, PCP::response
PEM PEM::disable, PEM::enable, PEM::flow, PEM::policy, PEM::session, pem_dtos, PEM::subscriber, urlcatquery
POLICY POLICY::controls, POLICY::names, POLICY::rules, POLICY::targets
POP3 POP3::activation_mode, POP3::disable, POP3::enable
PROFILE PROFILE::access, PROFILE::auth, PROFILE::clientssl, PROFILE::diameter, PROFILE::exists, PROFILE::fasthttp, PROFILE::fastL4, PROFILE::ftp, PROFILE::http, PROFILE::httpclass, PROFILE::oneconnect, PROFILE::persist, PROFILE::serverssl, PROFILE::stream, PROFILE::tcp, PROFILE::udp, PROFILE::xml, PROFILE::httpcompression, PROFILE::webacceleration
PSC PSC::attr, PSC::auth_user_name, PSC::calling_id, PSC::imeisv, PSC::imsi, PSC::ip_address, PSC::lease_time, PSC::policy, PSC::subscriber_id, PSC::tower_id, PSC::user_name
QOE QOE::disable, QOE::enable, QOE::video
RADIUS RADIUS::avp, RADIUS::code, RADIUS::id, RADIUS::rtdom
RESOLV RESOLV::lookup
RESOLVER RESOLVER::summarize, RESOLVER::name_lookup
REWRITE REWRITE::disable, REWRITE::enable, REWRITE::payload, REWRITE::post_process
ROUTE ROUTE::age, ROUTE::bandwidth, ROUTE::clear, ROUTE::cwnd, ROUTE::domain, ROUTE::expiration, ROUTE::mtu, ROUTE::rtt, ROUTE::rttvar
RTSP RTSP::collect, RTSP::header, RTSP::method, RTSP::msg_source, RTSP::payload, RTSP::release, RTSP::respond, RTSP::status, RTSP::uri, RTSP::version
SCTP SCTP::client_port, SCTP::collect, SCTP::local_port, SCTP::mss, SCTP::payload, SCTP::ppi, SCTP::release, SCTP::remote_port, SCTP::respond, SCTP::rto_initial, SCTP::rto_max, SCTP::rto_min, SCTP::sack_timeout, SCTP::server_port
SDP SDP::field, SDP::media, SDP::session_id
SIDEBAND close, connect, connect info, recv, send
SIP SIP::call_id, SIP::discard, SIP::from, SIP::header, SIP::message, SIP::method, SIP::payload, SIP::persist, SIP::respond, SIP::response, SIP::route_status, SIP::to, SIP::uri, SIP::via
SMTPS SMTPS::activation_mode, SMTPS::disable, SMTPS::enable
SOCKS SOCKS::allowed, SOCKS::destination, SOCKS::version
SPDY SPDY::active, SPDY::disconnect, SPDY::priority, SPDY::requests, SPDY::stream, SPDY::streamid, SPDY::version, SPDY::concurrency
SSL SSL::allow_dynamic_record_sizing, SSL::authenticate, SSL::cert, SSL::cipher, SSL::clientrandom, SSL::collect, SSL::disable, SSL::enable, SSL::extensions, SSL::forward_proxy, SSL::handshake, SSL::is_renegotiation_secure, SSL::maximum_record_size, SSL::mode, SSL::modssl_sessionid_headers, SSL::nextproto, SSL::payload, SSL::profile, SSL::release, SSL::renegotiate, SSL::respond, SSL::secure_renegotiation, SSL::session, SSL::sessionid, SSL::sessionsecret, SSL::sessionticket, SSL::sni, SSL::unclean_shutdown, SSL::verify_result
STATS STATS::get, STATS::incr, STATS::set, STATS::setmax, STATS::setmin
STREAM STREAM::disable, STREAM::enable, STREAM::encoding, STREAM::expression, STREAM::match, STREAM::max_matchsize, STREAM::replace
TCP TCP::abc, TCP::analytics, TCP::autowin, TCP::bandwidth, TCP::client_port, TCP::close, TCP::collect, TCP::congestion, TCP::delayed_ack, TCP::dsack, TCP::earlyrxmit, TCP::ecn, TCP::enhanced_loss_recovery, TCP::idletime, TCP::limxmit, TCP::local_port, TCP::lossfilter, TCP::lossfilterburst, TCP::lossfilterrate, TCP::mss, TCP::nagle, TCP::naglemode, TCP::naglestate, TCP::notify, TCP::offset, TCP::option, TCP::pacing, TCP::payload, TCP::proxybuffer, TCP::proxybufferhigh, TCP::proxybufferlow, TCP::push_flag, TCP::rcv_scale, TCP::rcv_size, TCP::recvwnd, TCP::release, TCP::remote_port, TCP::respond, TCP::rexmt_thresh, TCP::rt_metrics_timeout, TCP::rto, TCP::rtt, TCP::rttvar, TCP::sendbuf, TCP::server_port, TCP::setmss, TCP::snd_cwnd, TCP::snd_scale, TCP::snd_ssthresh, TCP::snd_wnd, TCP::unused_port
TMM TMM::cmp_count, TMM::cmp_group, TMM::cmp_primary_group, TMM::cmp_unit
UDP UDP::client_port, UDP::debug_queue, UDP::drop, UDP::hold, UDP::local_port, UDP::max_rate, UDP::mss, UDP::payload, UDP::release, UDP::remote_port, UDP::respond, UDP::sendbuffer, UDP::server_port, UDP::unused_port
URI URI::basename, URI::compare, URI::decode, URI::encode, URI::host, URI::path, URI::port, URI::protocol, URI::query
WAM WAM::disable, WAM::enable
WEBSSO WEBSSO::disable, WEBSSO::enable, WEBSSO::select
WS WS::collect, WS::disconnect, WS::enabled, WS::frame, WS::masking, WS::message, WS::payload, WS::release, WS::request, WS::response
X509 X509::cert_fields, X509::extensions, X509::hash, X509::issuer, X509::not_valid_after, X509::not_valid_before, X509::serial_number, X509::signature_algorithm, X509::subject, X509::subject_public_key, X509::subject_public_key_RSA_bits, X509::subject_public_key_type, X509::verify_cert_error_string, X509::version, X509::whole
XLAT XLAT::listen, XLAT::listen_lifetime, XLAT::src_addr, XLAT::src_config, XLAT::src_endpoint_reservation, XLAT::src_nat_valid_range, XLAT::src_port
XML XML::address, XML::collect, XML::element, XML::event, XML::eventid, XML::parse, XML::release, XML::soap, XML::subscribe

AAA

  • AAA::acct_result - used to check whether the accounting information is sent successfully to IVS or not
  • AAA::acct_send - used to send user accouting information to IVS virtual
  • AAA::auth_result - used to check whether the authentication information is sent successfully to IVS or not
  • AAA::auth_send - used to send user authentication information to IVS virtual

ACCESS

  • ACCESS::acl - Poll or enforce ACLs in your connections
  • ACCESS::disable - Control enforcement for a particular request URI
  • ACCESS::enable - enables the access control enforcement for a particular request URI
  • ACCESS::flowid - set/get the flow id for SSL Orchestrator using APM logging framework
  • ACCESS::log - logs a message using APM logging framework
  • ACCESS::oauth - returns a JSON Web Signature token
  • ACCESS::perflow - String of perflow variable; empty if value isn’t set
  • ACCESS::policy - Return information about access policies
  • ACCESS::respond - This command generates new respond and automatically overrides the default respond.
  • ACCESS::restrict_irule_events - Enable or disable HTTP and higher layer iRule events for the internal APM access control URIs
  • ACCESS::saml - allows you to retrieve or manipulate SAML related messages
  • ACCESS::session - Access or manipulate session information.
  • ACCESS::user - Returns user ID information
  • ACCESS::uuid - enumerates the session IDs that belongs to a specified uuid key by the order of its creation and provides them in a Tcl list
  • ACCESS2::access2_proc - return the TCL procedure registered for currently executing per-request policy expression.

ACL


ADAPT


ADM


AES

  • AES::decrypt - Decrypt the data using the previously-created AES key.
  • AES::encrypt - Encrypt the data using the previously-created AES key.
  • AES::key - Creates an AES key to encrypt/decrypt data.

ANTIFRAUD


APM

  • ACCESS::acl - Poll or enforce ACLs in your connections
  • ACCESS::disable - Control enforcement for a particular request URI
  • ACCESS::enable - enables the access control enforcement for a particular request URI
  • ACCESS::log - logs a message using APM logging framework
  • ACCESS::oauth - returns a JSON Web Signature token
  • ACCESS::policy - Return information about access policies
  • ACCESS::respond - This command generates new respond and automatically overrides the default respond.
  • ACCESS::restrict_irule_events - Enable or disable HTTP and higher layer iRule events for the internal APM access control URIs
  • ACCESS::session - Access or manipulate session information.
  • ACCESS::user - Returns user ID information
  • ACCESS::uuid - enumerates the session IDs that belongs to a specified uuid key by the order of its creation and provides them in a Tcl list
  • REWRITE::disable - Changes the REWRITE plugin from full patching mode to passthrough mode.
  • REWRITE::enable - Changes the REWRITE plugin from passthrough to full patching mode.
  • REWRITE::payload - Queries for or manipulates REWRITE payload.
  • REWRITE::post_process - Toggle post processing functionality
  • WEBSSO::disable - Forwards a request without doing SSO processing on it.
  • WEBSSO::enable - Causes APM to do the SSO processing on a request.
  • WEBSSO::select - Use specified SSO configuration object to do SSO for the HTTP request

ASM

  • ASM::client_ip - Returns the IP address of the end client that sent the present request
  • ASM::disable - Disables plugin processing on the connection.
  • ASM::enable - Enables plugin processing on the connection.
  • ASM::fingerprint - returns the FP id if available
  • ASM::payload - This command retrieves or replaces the payload collected by ASM.
  • ASM::raise - Issues a user-defined violation on the present request
  • ASM::severity - Returns the overall severity of the violations found in the transaction (both request and response)
  • ASM::signature - returns the list of signatures
  • ASM::status - Returns the current status of the request or response
  • ASM::support_id - Returns the support id of the present HTTP transaction
  • ASM::unblock - Overrides the blocking action for a request that had blocking violation
  • ASM::violation - Returns the list of violations found in the present request or response together with details on each one
  • ASM::violation_data - This command exposes violation data using a multiple buffers instance
  • DOSL7::disable - Disables blocking and detection of DoS attacks according to the ASM security policy configuration
  • DOSL7::enable - Enables blocking and detection of DoS attacks according to the ASM security policy configuration
  • DOSL7::profile - returns the DOS profile from which the L7-DoS policy is extracted

ASN1


AUTH


AVR


BOTDEFENSE


BWC

  • BWC::color - allows a category assignment to dynamic policies
  • BWC::mark - assign tos and qos values to a flow
  • BWC::measure - start or stop measurement on a per policy or on a per flow basis
  • BWC::policy - Attach/Detach a bandwidth policy to a flow
  • BWC::pps - allows modification of the packets per second for the session
  • BWC::priority - map a policy instance or category to a priority class of a priority group
  • BWC::rate - allows for a different bandwidth be set on dynamic policies

CACHE

  • CACHE::accept_encoding - Overrides the accept_encoding value used by the cache to store the cached content.
  • CACHE::age - Returns the age of the document in the cache.
  • CACHE::disable - Disables the caching for this request.
  • CACHE::enable - Forces the document to be cached.
  • CACHE::expire - Forces the document to be revalidated from the server.
  • CACHE::header - Get the content of an Header related to an object stored in the RamCache.
  • CACHE::headers - Returns the HTTP headers of the cache response.
  • CACHE::hits - Returns the document cache hits.
  • CACHE::payload - Returns the HTTP payload of the cache response.
  • CACHE::priority - Adds a priority to cached documents.
  • CACHE::trace - Dump the list of cached objects for a HTTP profile where RAM cache is enabled.
  • CACHE::uri - Overrides the URI value used by the cache to store the cached content.
  • CACHE::useragent - Overrides the useragent value used by the cache to reference the cached content.
  • CACHE::userkey - Allows users to add user-defined values to the key used by the cache to reference the cached content.

CATEGORY


CLASSIFICATION


CLASSIFY


COMPRESS


CRYPTO


DATAGRAM


DHCP


DIAMETER


DNS

  • DNS::additional - returns, inserts, removes, or clears RRs from the additional section.
  • DNS::answer - returns, inserts, removes, or clears all RRs from the answer section.
  • DNS::authority - returns, inserts, removes, or clears RRs from the authority section.
  • DNS::class - gets or sets the resource record class field
  • DNS::disable - sets the service state to disabled for the current dns packet.
  • DNS::drop - Drops the current DNS packet after the execution of the event.
  • DNS::edns0 - gets (v11.0+) and sets (v11.1+) the values of the edns0 pseudo-RR
  • DNS::enable - sets the service state to enabled for the current dns packet.
  • DNS::header - gets (v11.0+) or sets (v11.1+) simple bits or byte fields.
  • DNS::is_wideip - returns status (true/false) if a string is a configured wide IP.
  • DNS::last_act - sets the action to perform if no DNS service handles this packet
  • DNS::len - returns the dns packet message length.
  • DNS::name - gets or sets the resource record name field
  • DNS::origin - returns the originator of the DNS message
  • DNS::ptype - returns the type of the DNS packet.
  • DNS::query - returns or constructs and sends a query to the DNS-Express database for a name and type
  • DNS::question - gets (v11.0+) or sets (v11.1+) the question field value
  • DNS::rdata - gets or sets the resource record rdata field
  • DNS::return - skips all further processing after TCL execution and sends the dns packet in the opposite direction.
  • DNS::rr - creates a new resource record object with specified attributes or as a complete string.
  • DNS::rrname - Returns the name requested by the client.
  • DNS::rrtype - Returns the resource record type requested by the client.
  • DNS::scrape - allows users to walk over a DNS message and parse out information from the packet based on user supplied arguments
  • DNS::tsig - manipulates the current DNS message and its TSIG resource record.
  • DNS::ttl - gets or sets the resource record ttl field
  • DNS::type - gets or sets the resource record type field
  • whereis - Returns geographical information on an IP address.

DOSL7

  • DOSL7::disable - Disables blocking and detection of DoS attacks according to the ASM security policy configuration
  • DOSL7::enable - Enables blocking and detection of DoS attacks according to the ASM security policy configuration
  • DOSL7::health - returns the DOSL7 server health value for current virtual server
  • DOSL7::is_ip_slowdown - returns TRUE if source IP exists in greylist table
  • DOSL7::is_mitigated - returns TRUE if certain HTTP request was mitigated
  • DOSL7::profile - returns the DOS profile from which the L7-DoS policy is extracted

DSLITE


ECA


FIX


FLOW


FLOWTABLE


FTP


GENERICMESSAGE


GLOBAL

  • accumulate - Terminates iRule processing until more data is received.
  • ACL::eval - enforces ACLs in your connections
  • active_members - Returns the number or list of active members in the specified pool.
  • active_nodes - Returns the alias for active members of the specified pool (for BIG-IP version 4.X compatibility).
  • after - Execute iRules code after a set period of delay.
  • b64decode - Returns a string that is base-64 decoded
  • b64encode - Returns a string that is base-64 encoded. or if an error occurs. an empty string.
  • BIGTCP::release_flow - Transition layer 7 FIX message to layer 4
  • call - Call an iRule procedure
  • CATEGORY::lookup - returns the category of the supplied URL
  • class - Advanced access of classes
  • client_addr - Returns the client IP address of a connection.
  • client_port - Returns the TCP port number/service of the specified client.
  • clientside - Causes the specified iRule commands to be evaluated under the client-side context.
  • clone - Causes the system to clone traffic to the specified pool or pool member regardless of monitor status.
  • CONNECTOR::disable - disables all the connectors on chain
  • CONNECTOR::enable - enables all the connectors on chain
  • cpu - The cpu usage command returns the average TMM cpu load for the given interval.
  • crc32 - Returns the crc32 checksum for the specified string.
  • decode_uri - Decodes the specified string using HTTP URI encoding.
  • DECOMPRESS::disable - Disable DECOMPRESS feature on current flow.
  • DECOMPRESS::enable - Enable DECOMPRESS feature on current flow.
  • DEMANGLE::disable -
  • DEMANGLE::enable -
  • discard - Causes the current packet or connection to be dropped/discarded. Same as the drop command.
  • DNSMSG::header -
  • DNSMSG::record -
  • DNSMSG::section -
  • domain - Parses the specified string as a dotted domain name and returns the last portions of the domain name.
  • drop - Causes the current packet or connection to be dropped/discarded. Same as the discard command.
  • event - Enables or disables evaluation of the specified iRule event. or all iRule events. on this connection.
  • findclass - Searches a data group list for a member that starts with a specified string and returns the data-group member string.
  • findstr - Finds a string within another string and returns the string starting at the offset specified from the match.
  • forward - Sets the connection to forward IP packets.
  • FTP::port - allows restriction of FTP ephemeral ports
  • getfield - Splits a string on a character or string. and returns the string corresponding to the specific field.
  • HA::status - Returns true or false based on whether the unit the command is executed on is active or standby
  • htonl - Convert the unsigned integer from host byte order to network byte order.
  • htons - Convert the unsigned short integer from host byte order to network byte order.
  • http_cookie - Specifies the value in the Cookie: header.
  • http_header - Evaluates the string following an HTTP header tag that you specify.
  • http_host - Specifies the value in the Host: header of the HTTP request.
  • http_method - Specifies the action of the HTTP request.
  • http_uri - Specifies a URI.
  • http_version - Specifies the HTTP protocol version.
  • ifile - returns content and attributes from external files on the BIG-IP system
  • imid - Returns an i-mode identifier string.
  • ip_addr - Returns the IP address of a tmm, tmm interface, localhost, etc
  • ip_protocol - Returns the IP protocol value.
  • ip_tos - Returns the ToS level of a packet.
  • ip_ttl - Returns the TTL of the latest IP packet received.
  • lasthop - Sets the lasthop of an IP connection.
  • link_qos - Returns the QoS level.
  • listen - Sets up a related ephemeral listener to allow an incoming related connection to be established.
  • llookup - returns a list of values corresponding to the given key
  • local_addr - Deprecated: Use IP::local_addr instead
  • log - Generates and logs a message to the syslog-ng utility.
  • matchclass - Performs comparison against the contents of data group.
  • matchregion - Returns true/false if specified region is matched.
  • md5 - Returns the RSA MD5 Message Digest Algorithm message digest of the specified string.
  • members - List all members of a given pool for v10.x.x
  • nexthop - Sets the nexthop of an IP connection.
  • node - Sends the packet directly to the identified server node.
  • nodes - List all nodes within a given pool
  • ntohl - Convert the unsigned integer from network byte order to host byte order.
  • ntohs - Convert the unsigned short integer from network byte order to host byte order.
  • Operators - iRules operators
  • peer - Causes the specified iRule commands to be evaluated under the peer’s (opposite) context.
  • pem_dtos - Query the TAC DB for IMEI value
  • persist - Causes the system to use the named persistence type to persist the connection.
  • pool - Causes the system to load balance traffic to the specified pool or pool member regardless of monitor status.
  • priority - The priority command is used to set the order that like iRule events are executed.
  • rateclass - Causes the system to select the specified rate class to use when transmitting packets.
  • redirect - Redirects an HTTP request to a specific location.
  • reject - Causes the connection to be rejected.
  • relate_client - Sets up a related established connection.
  • relate_server - Sets up a related established connection.
  • remote_addr - Deprecated: Use IP::remote_addr instead
  • RESOLV::lookup - Performs a DNS query for A or PTR records corresponding to a hostname or IP address.
  • RESOLVER::summarize -
  • RESOLVER::name_lookup -
  • REST::send - Send a rest request locally to the Big-IP REST Framework
  • return - Causes immediate exit from the currently executing event in the currently executing iRule.
  • rmd160 - Returns the RIPEMD-160 message digest of the specified string.
  • server_addr - Returns the IP address of the server.
  • server_port - Returns the TCP port/service number of the specified server.
  • serverside - Causes the specified iRule command to be evaluated under the server-side context.
  • session - Utilizes the persistence table to store arbitrary information based on the same keys as persistence.
  • sha1 - Returns the SHA version 1.0 message digest of the specified string.
  • sha256 - Returns the Secure Hash Algorithm (SHA2) 256-bit message digest of the specified string.
  • sha384 - Returns the Secure Hash Algorithm (SHA2) 384-bit message digest of the specified string.
  • sha512 - Returns the Secure Hash Algorithm (SHA2) 512-bit message digest of the specified string.
  • sharedvar - Allows a variable to be accessed in both sides of a VIP-targetting-VIP
  • snat - Causes the LTM system to assign the specified translation address to the current connection.
  • snatpool - Causes the specified pool of addresses to be used as translation addresses to create a SNAT.
  • substr - A custom iRule function which returns a substring from a string
  • table - The table command provides enhanced access to the session table
  • tcl_platform - A variable that contains platform specific information
  • timing - Enable and disable iRule timing statistics.
  • TMM::cmp_count - Provides the active number of TMM instances running.
  • TMM::cmp_group - Returns the number (0-x) of the group of the CPU executing the rule. Typically a group refers to the blade number on a chassis system. and is always 0 on other platforms.
  • TMM::cmp_unit - Returns the number (0-x) of the CPU executing the rule.
  • traffic_group - returns the current traffic group
  • translate - Enables, disables, or queries (as specified) destination address or port translation
  • urlcatblindquery - Query the encrypted URL for URL categorization
  • urlcatquery - Query the URL for URL categorization
  • use - A BIG-IP 4.X statement. provided for backward-compatibility.
  • VALIDATE::protocol - allows you to validate payload (traffic) to match given classification application
  • virtual - Return the name of the associated virtual server or selects another virtual server.
  • vlan_id - Returns the VLAN tag of the packet.
  • when - Used to specify an event in an iRule.
  • whereis - Returns geographical information on an IP address.

GTM

  • discard - Causes the current packet or connection to be dropped/discarded. Same as the drop command.
  • DNS::additional - returns, inserts, removes, or clears RRs from the additional section.
  • DNS::answer - returns, inserts, removes, or clears all RRs from the answer section.
  • DNS::authority - returns, inserts, removes, or clears RRs from the authority section.
  • DNS::class - gets or sets the resource record class field
  • DNS::disable - sets the service state to disabled for the current dns packet.
  • DNS::drop - Drops the current DNS packet after the execution of the event.
  • DNS::edns0 - gets (v11.0+) and sets (v11.1+) the values of the edns0 pseudo-RR
  • DNS::enable - sets the service state to enabled for the current dns packet.
  • DNS::header - gets (v11.0+) or sets (v11.1+) simple bits or byte fields.
  • DNS::last_act - sets the action to perform if no DNS service handles this packet
  • DNS::len - returns the dns packet message length.
  • DNS::name - gets or sets the resource record name field
  • DNS::origin - returns the originator of the DNS message
  • DNS::ptype - returns the type of the DNS packet.
  • DNS::query - returns or constructs and sends a query to the DNS-Express database for a name and type
  • DNS::question - gets (v11.0+) or sets (v11.1+) the question field value
  • DNS::rdata - gets or sets the resource record rdata field
  • DNS::return - skips all further processing after TCL execution and sends the dns packet in the opposite direction.
  • DNS::rr - creates a new resource record object with specified attributes or as a complete string.
  • IP::client_addr - Returns the client IP address of a connection

GTP

  • GTP::discard - Discards the current message
  • GTP::header - Allows for the parsing of GTP header information.
  • GTP::header extension - The extension headers are identified by unique type values. The type can be appended with index, if multiple headers of same type are expected.
  • GTP::ie - This set of commands allows for the parsing and interpretation of GTP IE elements.
  • GTP::length - This value is returned as read from the message header.
  • GTP::message - Returns the entire GTP message.
  • GTP::payload - Returns the entire payload for G-PDU message. This command returns an empty value, in case of non-G-PDU messages.
  • GTP::tunnel - These commands parse the payload of G-PDU as IP datagram and return the values from IP header and TCP/UDP header.

HA

  • HA::status - Returns true or false based on whether the unit the command is executed on is active or standby

High Speed Logging

  • HSL::open - Open a handle for High Speed Logging communication
  • HSL::send - Send data via High Speed Logging

HTML

  • HTML::comment - Queries, removes HTML comment or appends/prepends it by a string.
  • HTML::disable - Disables the processing of HTML for this transaction.
  • HTML::enable - Enables the processing of HTML for this transaction.
  • HTML::tag - Queries, removes HTML tag and appends/prepends string to it.
  • HTML::tag attribute - Queries, removes and changes attribute/value pairs of this HTML tag.

HTTP

  • HTTP::class - Returns or sets the HTTP class selected by the HTTP selector.
  • HTTP::close - Closes the HTTP connection.
  • HTTP::collect - Collects an amount of HTTP body data that you specify.
  • HTTP::cookie - Queries for or manipulates cookies in HTTP requests and responses.
  • HTTP::disable - Changes the HTTP filter from full parsing to passthrough mode.
  • HTTP::enable - Changes the HTTP filter from passthrough to full parsing mode.
  • HTTP::fallback - Specifies or overrides a fallback host specified in the HTTP profile.
  • HTTP::has_responded - returns true if this HTTP transaction has been prematurely completed by an iRule command or other filter logic
  • HTTP::header - Queries or modifies HTTP headers.
  • HTTP::host - Returns the value of the HTTP Host header
  • HTTP::hsts - controls HTTP Strict Transport Security
  • HTTP::is_keepalive - Returns a true value if this is a Keep-Alive connection.
  • HTTP::is_redirect - Returns a true value if the response is a redirect.
  • HTTP::method - Returns the type of HTTP request method.
  • HTTP::passthrough_reason - returns the reason for the most recent switch to pass-through mode by the HTTP filter
  • HTTP::password - Returns the password part of HTTP basic authentication.
  • HTTP::path - Returns or sets the path part of the HTTP request.
  • HTTP::payload - Queries for or manipulates HTTP payload information.
  • HTTP::proxy - controls whether the BIG-IP will handle the proxy of the connection locally or send it to a downstream pool
  • HTTP::query - Returns the query part of the HTTP request.
  • HTTP::redirect - Redirects an HTTP request or response to the specified URL.
  • HTTP::reject_reason - returns the reason HTTP is aborting
  • HTTP::release - Releases the data collected via HTTP::collect.
  • HTTP::request - Returns the raw HTTP request headers.
  • HTTP::request_num - Returns the number of HTTP requests that a client made on the connection.
  • HTTP::respond - Generates a response to the client as if it came from the server.
  • HTTP::retry - Resends a request to a server.
  • HTTP::status - Returns the response status code.
  • HTTP::uri - Returns or sets the URI part of the HTTP request.
  • HTTP::username - Returns the username part of HTTP basic authentication.
  • HTTP::version - Returns or sets the HTTP version of the request or response.

HTTP2

  • HTTP2::active - used to determine if a request is generated by HTTP/2
  • HTTP2::disable - changes the HTTP2 filter from full parsing to passthrough mode
  • HTTP2::disconnect - allows you to cleanly terminate the current HTTP/2 session
  • HTTP2::enable - changes the HTTP2 filter from passthrough to full parsing mode
  • HTTP2::push - accepts a resource as a parameter that can be pushed to the client using PUSH_PROMISE frames
  • HTTP2::requests - used to determine the count of requests received in the current HTTP/2 session
  • HTTP2::stream - Gets or sets the stream attributes including id and priority
  • HTTP2::version - used to determine the HTTP/2 protocol version used
  • HTTP2::concurrency - used to determine the number of active concurrent streams in the current HTTP/2 session

ICAP


ILX

  • ILX::call - Invokes the specified node method
  • ILX::init - Establishes a communication path from an iRule to the node process.
  • ILX::notify - Sends a message to the specified node method but does not wait for a response

IMAP


IP

  • IP::addr - Performs comparison of IP address/subnet/supernet to IP address/subnet/supernet. or parses 4 binary bytes into an IPv4 dotted quad address.
  • IP::client_addr - Returns the client IP address of a connection
  • IP::hops - Gives you the estimated number of hops the peer takes to get to you.
  • IP::idle_timeout - Returns or sets the idle timeout value.
  • IP::intelligence - returns a Tcl list of IP intelligence category names for a given IP address
  • IP::local_addr - Returns the IP address of the virtual server the client is connected to or the self-ip LTM is connected from.
  • IP::protocol - Returns the IP protocol value.
  • IP::remote_addr - Returns the IP address of the host on the far end of the connection.
  • IP::server_addr - Returns the server’s IP address.
  • IP::stats - Supplies information about the number of packets or bytes being sent or received in a given connection.
  • IP::tos - Returns the ToS value encoded within a packet.
  • IP::ttl - Returns the TTL of the latest IP packet received.
  • IP::version - Returns the IP version of a connection
  • IP::reputation - Looks up the supplied IP address in the IP intelligence (reputation) database and returns a TCL list containing reputation categories

IPFIX

  • IPFIX::destination - open and close IPFIX logging destinations
  • IPFIX::msg - create, delete and set data values in an IPFIX message based on the provided IPFIX_TEMPLATE.
  • IPFIX::template - create and delete user defined IPFIX message templates

ISESSION


iStats


IVS


L7CHECK


LB

  • LB::bias -
  • LB::class - Provides the name of the traffic class that matched the connection
  • LB::command - To be completed
  • LB::connect -
  • LB::connlimit - set the connection limit for virtual/node/poolmember
  • LB::context_id - Assigns the current connection to named context.
  • LB::detach - Disconnects the server side connection
  • LB::down - Sets the status of a node or pool member as being down.
  • LB::dst_tag - Sets the destination tag for the current request
  • LB::enable_decisionlog - enables LTM decision logging
  • LB::mode - Sets the load balancing mode
  • LB::persist - Forces a persistence record lookup and returns the result
  • LB::prime - Sets up serverside connections before client traffic comes
  • LB::reselect - Selects the next available member in the current pool, based on pool Load Balancing options
  • LB::select - Forces a load balancing selection and returns the result
  • LB::server - Returns information about the currently selected server
  • LB::snat - Returns information on the SNAT configuration of the virtual server.
  • LB::src_tag - Sets the source tag for the current request
  • LB::status - Returns the status of a node address or pool member.
  • LB::up - Sets the status of a node or pool member as being up.
  • LB::queue - Returns queue information

LSN


MESSAGE


MQTT


MR

  • MR::collect - collect the specified amount of MR message payload data.
  • MR::connect_back_port - gets or sets connect_back_port for the current connection
  • MR::connection_instance - returns the connection instance and the number of connections
  • MR::connection_mode - returns the connection mode of the current connection
  • MR::equivalent_transport - gets or sets the transport that is usable as an equivalent transport
  • MR::flow_id - returns a unique identifier for the current connection
  • MR::ignore_peer_port - sets or resets the ignore_peer_port mode of the current connection
  • MR::instance - returns the name of the current mr_router instance
  • MR::max_retries - returns the number of retries allows for this router instance
  • MR::message - returns or sets details in the message routing table
  • MR::payload - returns the data collected using the MR::collect command
  • MR::peer - defines a peer to use for routing a message to
  • MR::prime - establishes an outgoing connection to the specified host or hosts using the specified transport
  • MR::protocol - returns ‘generic, ‘sip’ or ‘diameter’
  • MR::release - releases the data collected via MR::collect iRule command.
  • MR::restore - returns the stored variables to the current context tcl variable store
  • MR::retry - sends the current message to the router for routing
  • MR::return - returns the current message to the originating connection
  • MR::store - stores a tcl variable with the mr_message object
  • MR::stream - start egressing bytes previously collected and stored
  • MR::transport - returns the name and type (virtual or config) of the transport used to configure the current connection

NAME

The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.