Master list of iRule Commands¶

Commands added/deprecated by version

AAA	AAA::acct_result, AAA::acct_send, AAA::auth_result, AAA::auth_send
ACCESS	ACCESS::acl, ACCESS::disable, ACCESS::enable, ACCESS::flowid, ACCESS::log, ACCESS::oauth, ACCESS::perflow, ACCESS::policy, ACCESS::respond, ACCESS::restrict_irule_events, ACCESS::saml, ACCESS::session, ACCESS::user, ACCESS::uuid, ACCESS2::access2_proc
ACL	ACL::action, ACL::eval
ADAPT	ADAPT::allow, ADAPT::context_create, ADAPT::context_current, ADAPT::context_delete_all, ADAPT::context_name, ADAPT::context_static, ADAPT::enable, ADAPT::preview_size, ADAPT::result, ADAPT::select, ADAPT::service_down_action, ADAPT::timeout
ADM	ADM::health, ADM::is_ip_slowdown, ADM::is_mitigated
AES	AES::decrypt, AES::encrypt, AES::key
ANTIFRAUD	ANTIFRAUD::alert_additional_info, ANTIFRAUD::alert_bait_signatures, ANTIFRAUD::alert_component, ANTIFRAUD::alert_defined_value, ANTIFRAUD::alert_details, ANTIFRAUD::alert_device_id, ANTIFRAUD::alert_expected_value, ANTIFRAUD::alert_fingerprint, ANTIFRAUD::alert_forbidden_added_element, ANTIFRAUD::alert_guid, ANTIFRAUD::alert_html, ANTIFRAUD::alert_http_referrer, ANTIFRAUD::alert_id, ANTIFRAUD::alert_license_id, ANTIFRAUD::alert_min, ANTIFRAUD::alert_origin, ANTIFRAUD::alert_resolved_value, ANTIFRAUD::alert_score, ANTIFRAUD::alert_transaction_data, ANTIFRAUD::alert_transaction_id, ANTIFRAUD::alert_type, ANTIFRAUD::alert_username, ANTIFRAUD::alert_view_id, ANTIFRAUD::client_id, ANTIFRAUD::device_id, ANTIFRAUD::disable, ANTIFRAUD::disable_alert, ANTIFRAUD::disable_app_layer_encryption, ANTIFRAUD::disable_auto_transactions, ANTIFRAUD::disable_injection, ANTIFRAUD::disable_malware, ANTIFRAUD::disable_phishing, ANTIFRAUD::enable, ANTIFRAUD::enable_log, ANTIFRAUD::fingerprint, ANTIFRAUD::geo, ANTIFRAUD::guid, ANTIFRAUD::result
APM	ACCESS::acl, ACCESS::disable, ACCESS::enable, ACCESS::log, ACCESS::oauth, ACCESS::policy, ACCESS::respond, ACCESS::restrict_irule_events, ACCESS::session, ACCESS::user, ACCESS::uuid, REWRITE::disable, REWRITE::enable, REWRITE::payload, REWRITE::post_process, WEBSSO::disable, WEBSSO::enable, WEBSSO::select
ASM	ASM::captcha, ASM::captcha_age, ASM::captcha_status, ASM::client_ip, ASM::deception, ASM::disable, ASM::enable, ASM::fingerprint, ASM::is_authenticated, ASM::login_status, ASM::microservice, ASM::payload, ASM::policy, ASM::raise, ASM::severity, ASM::signature, ASM::status, ASM::support_id, ASM::threat_campaign, ASM::unblock, ASM::uncaptcha, ASM::username, ASM::violation, ASM::violation_data, DOSL7::disable, DOSL7::enable, DOSL7::profile
ASN1	ASN1::decode, ASN1::element, ASN1::encode
AUTH	AUTH::abort, AUTH::authenticate, AUTH::authenticate_continue, AUTH::cert_credential, AUTH::cert_issuer_credential, AUTH::last_event_session_id, AUTH::password_credential, AUTH::response_data, AUTH::ssl_cc_ldap_status, AUTH::ssl_cc_ldap_username, AUTH::start, AUTH::status, AUTH::subscribe, AUTH::unsubscribe, AUTH::username_credential, AUTH::wantcredential_prompt, AUTH::wantcredential_prompt_style, AUTH::wantcredential_type
AVR	AVR::disable, AVR::enable, AVR::log, AVR::disable_cspm_injection
BOTDEFENSE	BOTDEFENSE::action, BOTDEFENSE::bot_anomalies, BOTDEFENSE::bot_categories, BOTDEFENSE::bot_name, BOTDEFENSE::bot_signature, BOTDEFENSE::bot_signature_category, BOTDEFENSE::captcha_age, BOTDEFENSE::captcha_status, BOTDEFENSE::client_class, BOTDEFENSE::client_type, BOTDEFENSE::cookie_age, BOTDEFENSE::cookie_status, BOTDEFENSE::cs_allowed, BOTDEFENSE::cs_attribute, BOTDEFENSE::cs_possible, BOTDEFENSE::device_id, BOTDEFENSE::disable, BOTDEFENSE::enable, BOTDEFENSE::intent, BOTDEFENSE::micro_service, BOTDEFENSE::previous_action, BOTDEFENSE::previous_request_age, BOTDEFENSE::previous_support_id, BOTDEFENSE::reason, BOTDEFENSE::support_id
BWC	BWC::color, BWC::debug, BWC::mark, BWC::measure, BWC::policy, BWC::pps, BWC::priority, BWC::rate
CACHE	CACHE::accept_encoding, CACHE::age, CACHE::disable, CACHE::enable, CACHE::expire, CACHE::fresh, CACHE::header, CACHE::headers, CACHE::hits, CACHE::payload, CACHE::priority, CACHE::trace, CACHE::uri, CACHE::useragent, CACHE::userkey
CATEGORY	CATEGORY::analytics, CATEGORY::filetype, CATEGORY::matchtype, CATEGORY::result, CATEGORY::safesearch, CATEGORY::lookup
CLASSIFICATION	CLASSIFICATION::app, CLASSIFICATION::category, CLASSIFICATION::disable, CLASSIFICATION::enable, CLASSIFICATION::protocol, CLASSIFICATION::result, CLASSIFICATION::urlcat, CLASSIFICATION::username
CLASSIFY	CLASSIFY::application, CLASSIFY::category, CLASSIFY::defer, CLASSIFY::disable, CLASSIFY::urlcat, CLASSIFY::username
COMPRESS	COMPRESS::buffer_size, COMPRESS::disable, COMPRESS::enable, COMPRESS::gzip, COMPRESS::method, COMPRESS::nodelay
CONNECTOR	CONNECTOR::disable, CONNECTOR::enable, CONNECTOR::profile, CONNECTOR::remap
CRYPTO	CRYPTO::decrypt, CRYPTO::encrypt, CRYPTO::hash, CRYPTO::keygen, CRYPTO::sign, CRYPTO::verify
DATAGRAM	DATAGRAM::dns, DATAGRAM::ip, DATAGRAM::ip6, DATAGRAM::l2, DATAGRAM::tcp, DATAGRAM::udp
DHCP	DHCP::version, DHCPv4::hlen, DHCPv4::htype, DHCPv4::chaddr, DHCPv4::ciaddr, DHCPv4::drop, DHCPv4::giaddr, DHCPv4::hops, DHCPv4::len, DHCPv4::opcode, DHCPv4::option, DHCPv4::reject, DHCPv4::secs, DHCPv4::siaddr, DHCPv4::type, DHCPv4::xid, DHCPv4::yiaddr, DHCPv6::drop, DHCPv6::hop_count, DHCPv6::len, DHCPv6::link_address, DHCPv6::msg_type, DHCPv6::option , DHCPv6::peer_address, DHCPv6::reject, DHCPv6::transaction_id
DIAMETER	DIAMETER::avp, DIAMETER::command, DIAMETER::disconnect, DIAMETER::drop, DIAMETER::header, DIAMETER::host, DIAMETER::is_request, DIAMETER::is_response, DIAMETER::is_retransmission, DIAMETER::length, DIAMETER::message, DIAMETER::payload, DIAMETER::persist, DIAMETER::realm, DIAMETER::respond, DIAMETER::result, DIAMETER::retransmission, DIAMETER::retransmission_default, DIAMETER::retransmission_reason, DIAMETER::retransmit, DIAMETER::retry, DIAMETER::route_status, DIAMETER::session, DIAMETER::skip_capabilities_exchange, DIAMETER::state
DNS	DNS::additional, DNS::answer, DNS::authority, DNS::class, DNS::disable, DNS::drop, DNS::edns0, DNS::enable, DNS::header, DNS::is_wideip, DNS::last_act, DNS::len, DNS::name, DNS::origin, DNS::ptype, DNS::query, DNS::question, DNS::rdata, DNS::return, DNS::rpz_policy, DNS::rr, DNS::rrname, DNS::rrtype, DNS::scrape, DNS::tsig, DNS::ttl, DNS::type, whereis
DNSMSG	DNSMSG::header, DNSMSG::record, DNSMSG::section
DOSL7	DOSL7::disable, DOSL7::enable, DOSL7::health, DOSL7::is_ip_slowdown, DOSL7::is_mitigated, DOSL7::profile, DOSL7::slowdown
DSLITE	DSLITE::remote_addr
ECA	ECA::client_machine_name, ECA::disable, ECA::domainname, ECA::enable, ECA::select, ECA::status, ECA::username
FIX	BIGPROTO::enable_fix_reset, FIX::tag
FLOW	FLOW::create_related, FLOW::idle_duration, FLOW::idle_timeout, FLOW::peer, FLOW::priority, FLOW::refresh, FLOW::this
FLOWTABLE	FLOWTABLE::count, FLOWTABLE::limit
FTP	FTP::allow_active_mode, FTP::disable, FTP::enable, FTP::enforce_tls_session_reuse, FTP::ftps_mode, FTP::port
GENERICMESSAGE	GENERICMESSAGE::message, GENERICMESSAGE::peer, GENERICMESSAGE::route
GLOBAL	accumulate, ACL::eval, active_members, active_nodes, after, b64decode, b64encode, BIGTCP::release_flow, call, CATEGORY::lookup, class, client_addr, client_port, clientside, clone, CONNECTOR::disable, CONNECTOR::enable, cpu, crc32, decode_uri, DECOMPRESS::disable, DECOMPRESS::enable, DEMANGLE::disable, DEMANGLE::enable, discard, DNSMSG::header, DNSMSG::record, DNSMSG::section, domain, drop, event, findclass, findstr, forward, FTP::port, getfield, HA::status, htonl, htons, http_cookie, http_header, http_host, http_method, http_uri, http_version, ifile, imid, ip_addr, ip_protocol, ip_tos, ip_ttl, lasthop, link_qos, listen, llookup, local_addr, log, matchclass, matchregion, md5, members, nexthop, node, nodes, ntohl, ntohs, Operators, peer, pem_dtos, persist, pool, priority, rateclass, redirect, reject, relate_client, relate_server, remote_addr, RESOLV::lookup, RESOLVER::summarize, RESOLVER::name_lookup, REST::send, return, rmd160, server_addr, server_port, serverside, session, sha1, sha256, sha384, sha512, sharedvar, snat, snatpool, substr, table, tcl_platform, timing, TMM::cmp_count, TMM::cmp_group, TMM::cmp_unit, traffic_group, translate, urlcatblindquery, urlcatquery, use, VALIDATE::protocol, virtual, vlan_id, when, whereis
GTM	discard, DNS::additional, DNS::answer, DNS::authority, DNS::class, DNS::disable, DNS::drop, DNS::edns0, DNS::enable, DNS::header, DNS::last_act, DNS::len, DNS::name, DNS::origin, DNS::ptype, DNS::query, DNS::question, DNS::rdata, DNS::return, DNS::rr, IP::client_addr
GTP	GTP::discard, GTP::header, GTP::header extension, GTP::ie, GTP::length, GTP::message, GTP::payload, GTP::tunnel
HA	HA::status
High Speed Logging	HSL::open, HSL::send
HTML	HTML::comment , HTML::disable, HTML::enable, HTML::tag, HTML::tag attribute
HTTP	HTTP::class, HTTP::close, HTTP::collect, HTTP::cookie, HTTP::disable, HTTP::enable, HTTP::fallback, HTTP::has_responded, HTTP::header, HTTP::host, HTTP::hsts, HTTP::is_keepalive, HTTP::is_redirect, HTTP::method, HTTP::passthrough_reason, HTTP::password, HTTP::path, HTTP::payload, HTTP::proxy, HTTP::query, HTTP::redirect, HTTP::reject_reason, HTTP::release, HTTP::request, HTTP::request_num, HTTP::respond, HTTP::response, HTTP::retry, HTTP::status, HTTP::uri, HTTP::username, HTTP::version
HTTP2	HTTP2::active, HTTP2::disable, HTTP2::disconnect, HTTP2::enable, HTTP2::header, HTTP2::push, HTTP2::requests, HTTP2::stream, HTTP2::version, HTTP2::concurrency
ICAP	ICAP::header, ICAP::method, ICAP::status, ICAP::uri
IKE	IKE::auth_success, IKE::cert, IKE::san_dirname, IKE::san_dns, IKE::san_ediparty, IKE::san_email, IKE::san_ipadd, IKE::san_othername, IKE::san_rid, IKE::san_uri, IKE::san_x400, IKE::subjectAltName
ILX	ILX::call, ILX::init, ILX::notify
IMAP	IMAP::activation_mode, IMAP::disable, IMAP::enable
IP	IP::addr, IP::client_addr, IP::hops, IP::idle_timeout, IP::ingress_drop_rate, IP::ingress_drop_rate, IP::intelligence, IP::local_addr, IP::protocol, IP::remote_addr, IP::server_addr, IP::stats, IP::tos, IP::ttl, IP::version, IP::reputation
IPFIX	IPFIX::destination, IPFIX::msg, IPFIX::template
ISESSION	ISESSION::deduplication
iStats	ISTATS::remove, ISTATS::get, ISTATS::incr, ISTATS::set
IVS	IVS_ENTRY::result
L7CHECK	L7CHECK::protocol
LB	LB::bias, LB::class, LB::command, LB::connect, LB::connlimit, LB::context_id, LB::detach, LB::down, LB::dst_tag, LB::enable_decisionlog, LB::mode, LB::persist, LB::prime, LB::reselect, LB::select, LB::server, LB::snat, LB::src_tag, LB::status, LB::up, LB::queue
LINK	LINK::lasthop, LINK::nexthop, LINK::qos, LINK::vlan_id
LSN	LSN::inbound-entry, LSN::address, LSN::disable, LSN::inbound, LSN::persistence, LSN::persistence-entry, LSN::pool, LSN::port
MESSAGE	MESSAGE::field, MESSAGE::proto, MESSAGE::type
MQTT	MQTT::clean_session, MQTT::client_id, MQTT::collect, MQTT::disable, MQTT::disconnect, MQTT::drop, MQTT::dup, MQTT::enable, MQTT::insert, MQTT::keep_alive, MQTT::length, MQTT::message, MQTT::packet_id, MQTT::password, MQTT::payload, MQTT::protocol_name, MQTT::protocol_version, MQTT::qos, MQTT::release, MQTT::replace, MQTT::respond, MQTT::retain, MQTT::return_code, MQTT::return_code_list, MQTT::session_present, MQTT::topic, MQTT::type, MQTT::username, MQTT::will
MR	MR::available_for_routing, MR::collect, MR::connect_back_port, MR::connection_instance, MR::connection_mode, MR::equivalent_transport, MR::flow_id, MR::ignore_peer_port, MR::instance, MR::max_retries, MR::message, MR::payload, MR::peer, MR::prime, MR::protocol, MR::release, MR::restore, MR::retry, MR::return, MR::store, MR::stream, MR::transport
NAME Deprecated	NAME::lookup, NAME::response
NSH	NSH::chain, NSH::context, NSH::md1, NSH::mimic, NSH::mocksf, NSH::path_id, NSH::service_index
NTLM	NTLM::disable, NTLM::enable
ONECONNECT	ONECONNECT::detach, ONECONNECT::label, ONECONNECT::reuse
PCP	PCP::reject, PCP::request, PCP::response
PEM	PEM::disable, PEM::enable, PEM::flow, PEM::policy, PEM::session, pem_dtos, PEM::subscriber, urlcatquery
POLICY	POLICY::controls, POLICY::names, POLICY::rules, POLICY::targets
POP3	POP3::activation_mode, POP3::disable, POP3::enable
PROFILE	PROFILE::access, PROFILE::auth, PROFILE::clientssl, PROFILE::diameter, PROFILE::exists, PROFILE::fasthttp, PROFILE::fastL4, PROFILE::ftp, PROFILE::http, PROFILE::httpclass, PROFILE::oneconnect, PROFILE::persist, PROFILE::serverssl, PROFILE::stream, PROFILE::tcp, PROFILE::udp, PROFILE::xml, PROFILE::httpcompression, PROFILE::webacceleration
PSC	PSC::attr, PSC::auth_user_name, PSC::calling_id, PSC::imeisv, PSC::imsi, PSC::ip_address, PSC::lease_time, PSC::policy, PSC::subscriber_id, PSC::tower_id, PSC::user_name
QOE	QOE::disable, QOE::enable, QOE::video
RADIUS	radius_authenticate, RADIUS::avp, RADIUS::code, RADIUS::id, RADIUS::rtdom
RESOLV	RESOLV::lookup
RESOLVER	RESOLVER::summarize, RESOLVER::name_lookup
REWRITE	REWRITE::disable, REWRITE::enable, REWRITE::payload, REWRITE::post_process
ROUTE	ROUTE::age, ROUTE::bandwidth, ROUTE::clear, ROUTE::cwnd, ROUTE::domain, ROUTE::expiration, ROUTE::mtu, ROUTE::rtt, ROUTE::rttvar
RTSP	RTSP::collect, RTSP::header, RTSP::method, RTSP::msg_source, RTSP::payload, RTSP::release, RTSP::respond, RTSP::status, RTSP::uri, RTSP::version
SCTP	SCTP::client_port, SCTP::collect, SCTP::local_port, SCTP::mss, SCTP::payload, SCTP::ppi, SCTP::release, SCTP::remote_port, SCTP::respond, SCTP::rto_initial, SCTP::rto_max, SCTP::rto_min, SCTP::sack_timeout, SCTP::server_port
SDP	SDP::field, SDP::media, SDP::session_id
SIDEBAND	close, connect, connect info, recv, send
SIP	SIP::call_id, SIP::discard, SIP::from, SIP::header, SIP::message, SIP::method, SIP::payload, SIP::persist, SIP::record-route, SIP::respond, SIP::response, SIP::route, SIP::route_status, SIP::to, SIP::uri, SIP::via
SMTPS	SMTPS::activation_mode, SMTPS::disable, SMTPS::enable
SOCKS	SOCKS::allowed, SOCKS::destination, SOCKS::version
SSL	SSL::allow_dynamic_record_sizing, SSL::allow_nonssl, SSL::alpn, SSL::authenticate, SSL::cert, SSL::cipher, SSL::clientrandom, SSL::collect, SSL::disable, SSL::enable, SSL::extensions, SSL::forward_proxy, SSL::handshake, SSL::is_renegotiation_secure, SSL::maximum_record_size, SSL::mode, SSL::modssl_sessionid_headers, SSL::nextproto, SSL::payload, SSL::profile, SSL::release, SSL::renegotiate, SSL::respond, SSL::secure_renegotiation, SSL::session, SSL::sessionid, SSL::sessionsecret, SSL::sessionticket, SSL::sni, SSL::tls13_secret, SSL::unclean_shutdown, SSL::verify_result
STATS	STATS::get, STATS::incr, STATS::set, STATS::setmax, STATS::setmin
STREAM	STREAM::disable, STREAM::enable, STREAM::encoding, STREAM::expression, STREAM::match, STREAM::max_matchsize, STREAM::replace
TCP	TCP::abc, TCP::analytics, TCP::autowin, TCP::bandwidth, TCP::client_port, TCP::close, TCP::collect, TCP::congestion, TCP::delayed_ack, TCP::dsack, TCP::earlyrxmit, TCP::ecn, TCP::enhanced_loss_recovery, TCP::idletime, TCP::keepalive, TCP::limxmit, TCP::local_port, TCP::lossfilter, TCP::lossfilterburst, TCP::lossfilterrate, TCP::mss, TCP::nagle, TCP::naglemode, TCP::naglestate, TCP::notify, TCP::offset, TCP::option, TCP::pacing, TCP::payload, TCP::proxybuffer, TCP::proxybufferhigh, TCP::proxybufferlow, TCP::push_flag, TCP::rcv_scale, TCP::rcv_size, TCP::recvwnd, TCP::release, TCP::remote_port, TCP::respond, TCP::rexmt_thresh, TCP::rt_metrics_timeout, TCP::rto, TCP::rtt, TCP::rttvar, TCP::sendbuf, TCP::server_port, TCP::setmss, TCP::snd_cwnd, TCP::snd_scale, TCP::snd_ssthresh, TCP::snd_wnd, TCP::unused_port
TMM	TMM::cmp_count, TMM::cmp_group, TMM::cmp_primary_group, TMM::cmp_unit
UDP	UDP::client_port, UDP::debug_queue, UDP::drop, UDP::hold, UDP::local_port, UDP::max_buf_pkts, UDP::max_rate, UDP::mss, UDP::payload, UDP::release, UDP::remote_port, UDP::respond, UDP::sendbuffer, UDP::server_port, UDP::unused_port
URI	URI::basename, URI::compare, URI::decode, URI::encode, URI::host, URI::path, URI::port, URI::protocol, URI::query
VDI	VDI::disable, VDI::enable
WAM	WAM::disable, WAM::enable
WEBSSO	WEBSSO::disable, WEBSSO::enable, WEBSSO::select
WS	WS::collect, WS::disconnect, WS::enabled, WS::frame, WS::masking, WS::message, WS::payload, WS::release, WS::request, WS::response
X509	X509::cert_fields, X509::extensions, X509::hash, X509::issuer, X509::not_valid_after, X509::not_valid_before, X509::serial_number, X509::signature_algorithm, X509::subject, X509::subject_public_key, X509::subject_public_key_RSA_bits, X509::subject_public_key_type, X509::verify_cert_error_string, X509::version, X509::whole
XLAT	XLAT::listen, XLAT::listen_lifetime, XLAT::src_addr, XLAT::src_config, XLAT::src_endpoint_reservation, XLAT::src_nat_valid_range, XLAT::src_port
XML	XML::address, XML::collect, XML::element, XML::event, XML::eventid, XML::parse, XML::release, XML::soap, XML::subscribe

AAA¶

AAA::acct_result - used to check whether the accounting information is sent successfully to IVS or not
AAA::acct_send - used to send user accouting information to IVS virtual
AAA::auth_result - used to check whether the authentication information is sent successfully to IVS or not
AAA::auth_send - used to send user authentication information to IVS virtual

ACCESS¶

ACCESS::acl - Poll or enforce ACLs in your connections
ACCESS::disable - Control enforcement for a particular request URI
ACCESS::enable - enables the access control enforcement for a particular request URI
ACCESS::flowid - set/get the flow id for SSL Orchestrator using APM logging framework
ACCESS::log - logs a message using APM logging framework
ACCESS::oauth - returns a JSON Web Signature token
ACCESS::perflow - String of perflow variable; empty if value isn’t set
ACCESS::policy - Return information about access policies
ACCESS::respond - This command generates new respond and automatically overrides the default respond.
ACCESS::restrict_irule_events - Enable or disable HTTP and higher layer iRule events for the internal APM access control URIs
ACCESS::saml - allows you to retrieve or manipulate SAML related messages
ACCESS::session - Access or manipulate session information.
ACCESS::user - Returns user ID information
ACCESS::uuid - enumerates the session IDs that belongs to a specified uuid key by the order of its creation and provides them in a Tcl list
ACCESS2::access2_proc - return the TCL procedure registered for currently executing per-request policy expression.

ACL¶

ACL::action - allows you to determine the ACL action in the FLOW_INIT event
ACL::eval - enforces ACLs in your connections

ADAPT¶

ADAPT::allow - sets or returns the allow attribute
ADAPT::context_create - creates a new dynamic context on the specified or current side
ADAPT::context_current - returns a handle for the current context
ADAPT::context_delete_all - deletes all dynamic contexts on both sides of the virtual server
ADAPT::context_name - returns the name of a context
ADAPT::context_static - returns a handle for the static context of the current or specified side
ADAPT::enable - sets or returns the enable attribute
ADAPT::preview_size - sets or returns the preview-size attribute.
ADAPT::result - sets or returns the adaption result code.
ADAPT::select - sets or returns the internal-virtual attribute
ADAPT::service_down_action - sets or returns the service_down_action attribute.
ADAPT::timeout - sets or returns the timeout attribute

ADM¶

ADM::health - Return health value as integer. Lower values are good health
ADM::is_ip_slowdown - Returns TRUE if source IP exists in greylist table
ADM::is_mitigated - Returns TRUE if certain HTTP request was mitigated by ADM

AES¶

AES::decrypt - Decrypt the data using the previously-created AES key.
AES::encrypt - Encrypt the data using the previously-created AES key.
AES::key - Creates an AES key to encrypt/decrypt data.

ANTIFRAUD¶

ANTIFRAUD::alert_additional_info - returns a list of keys and values that describes integrity parameters check failure or parameter values too long error
ANTIFRAUD::alert_bait_signatures - returns the bait signatures in an escaped base64 format
ANTIFRAUD::alert_component - returns the error type according to alert_type
ANTIFRAUD::alert_defined_value - returns defined (configured) value.
ANTIFRAUD::alert_details - returns or sets alert details
ANTIFRAUD::alert_device_id - returns flash GUID
ANTIFRAUD::alert_expected_value - returns expected (verified) value
ANTIFRAUD::alert_fingerprint - returns fingerprint data collected on client side
ANTIFRAUD::alert_forbidden_added_element - returns forbidden added HTML element and its content, in an escaped base64 format
ANTIFRAUD::alert_guid - returns GUID that is used to identify which users have been infected with malware before the user logs in
ANTIFRAUD::alert_html - returns the whole HTML in an escaped base64 format
ANTIFRAUD::alert_http_referrer - returns HTTP referrer
ANTIFRAUD::alert_id - returns an alert id
ANTIFRAUD::alert_license_id - returns crc32 of the license id in hex
ANTIFRAUD::alert_min - returns variable data from client side for the alert
ANTIFRAUD::alert_origin - returns the origin of the alert, e.g. clientside, serverside or secure alert cookie.
ANTIFRAUD::alert_resolved_value - returns resolved (actual) value.
ANTIFRAUD::alert_score - returns the alert severity
ANTIFRAUD::alert_transaction_data - returns key-value list of all parameters marked to be attached
ANTIFRAUD::alert_transaction_id - returns HTTP transaction ID
ANTIFRAUD::alert_type - returns the alert type
ANTIFRAUD::alert_username - returns a username and for phishing also additional fields
ANTIFRAUD::alert_view_id - returns the configured URL and view which triggered this alert
ANTIFRAUD::client_id - returns client id collected on client side
ANTIFRAUD::device_id - returns device id generated by bigip
ANTIFRAUD::disable - disables the anti-fraud plugin
ANTIFRAUD::disable_alert - disables the current alert
ANTIFRAUD::disable_app_layer_encryption - disables application layer encryption for the current transaction
ANTIFRAUD::disable_auto_transactions - disables automatic transactions for the current transaction
ANTIFRAUD::disable_injection - disables Anti-Fraud injections for the current transaction.
ANTIFRAUD::disable_malware - disables malware detection for the current transaction
ANTIFRAUD::disable_phishing - disables phishing detection for the current transaction
ANTIFRAUD::enable - enables the anti-fraud plugin
ANTIFRAUD::enable_log - enables Anti-Fraud TMM logs for the current transaction
ANTIFRAUD::fingerprint - returns fingerprint data collected on the client side
ANTIFRAUD::geo - returns L3 geoIP and geolocation collected by client
ANTIFRAUD::guid - returns GUID value, only in context of ANTIFRAUD_LOGIN event
ANTIFRAUD::result - returns result of login validation

APM¶

ACCESS::acl - Poll or enforce ACLs in your connections
ACCESS::disable - Control enforcement for a particular request URI
ACCESS::enable - enables the access control enforcement for a particular request URI
ACCESS::log - logs a message using APM logging framework
ACCESS::oauth - returns a JSON Web Signature token
ACCESS::policy - Return information about access policies
ACCESS::respond - This command generates new respond and automatically overrides the default respond.
ACCESS::restrict_irule_events - Enable or disable HTTP and higher layer iRule events for the internal APM access control URIs
ACCESS::session - Access or manipulate session information.
ACCESS::user - Returns user ID information
ACCESS::uuid - enumerates the session IDs that belongs to a specified uuid key by the order of its creation and provides them in a Tcl list
REWRITE::disable - Changes the REWRITE plugin from full patching mode to passthrough mode.
REWRITE::enable - Changes the REWRITE plugin from passthrough to full patching mode.
REWRITE::payload - Queries for or manipulates REWRITE payload.
REWRITE::post_process - Toggle post processing functionality
WEBSSO::disable - Forwards a request without doing SSO processing on it.
WEBSSO::enable - Causes APM to do the SSO processing on a request.
WEBSSO::select - Use specified SSO configuration object to do SSO for the HTTP request

ASM¶

ASM::captcha - Responds with a CAPTCHA challenge
ASM::captcha_age - Returns the age of the CAPTCHA challenge in seconds
ASM::captcha_status - Returns the status of the user’s answer to the CAPTCHA challenge
ASM::client_ip - Returns the IP address of the end client that sent the present request
ASM::deception - Marks a request as deceptive for further enforcement by ASM.
ASM::disable - Disables plugin processing on the connection.
ASM::enable - Enables plugin processing on the connection.
ASM::fingerprint - returns the FP id if available
ASM::is_authenticated - Returns true if the user in the present request is logged in
ASM::login_status - Request status of the login session tracked by one of the login pages defined in the policy.
ASM::microservice - returns the microservice matched for the request
ASM::payload - This command retrieves or replaces the payload collected by ASM.
ASM::policy - Returns the ASM policy applied on the request
ASM::raise - Issues a user-defined violation on the present request
ASM::severity - Returns the overall severity of the violations found in the transaction (both request and response)
ASM::signature - returns the list of signatures
ASM::status - Returns the current status of the request or response
ASM::support_id - Returns the support id of the present HTTP transaction
ASM::threat_campaign - Returns the list of threat campaigns
ASM::unblock - Overrides the blocking action for a request that had blocking violation
ASM::uncaptcha - Overrides the CAPTCHA action
ASM::username - request username from a login attempt throughout the login session.
ASM::violation - Returns the list of violations found in the present request or response together with details on each one
ASM::violation_data - This command exposes violation data using a multiple buffers instance
DOSL7::disable - Disables blocking and detection of DoS attacks according to the ASM security policy configuration
DOSL7::enable - Enables blocking and detection of DoS attacks according to the ASM security policy configuration
DOSL7::profile - returns the DOS profile from which the L7-DoS policy is extracted

ASN1¶

ASN1::decode - used to decode ASN.1 records
ASN1::element - returns ASN1.1 record elements
ASN1::encode - used to encode ASN.1 records

AUTH¶

AUTH::abort - Cancels any outstanding auth operations in this authentication session.
AUTH::authenticate - Performs a new authentication operation.
AUTH::authenticate_continue - Continues an authentication operation.
AUTH::cert_credential - Sets the peer certificate credential to the value of a peer certificate for a future AUTH::authenticate call.
AUTH::cert_issuer_credential - Sets the peer certificate issuer credential to the value of for a future AUTH::authenticate call.
AUTH::last_event_session_id - Returns the session ID of the last auth event
AUTH::password_credential - Sets the password credential to the specified string for a future AUTH::authenticate call.
AUTH::response_data - Returns pairwise auth query results
AUTH::ssl_cc_ldap_status - Returns the status from the last successful client certificate-based LDAP query.
AUTH::ssl_cc_ldap_username - Returns a user name that the system retrieved from the LDAP database.
AUTH::start - Initializes an authentication session.
AUTH::status - Returns authentication status.
AUTH::subscribe - Registers interest in auth query results.
AUTH::unsubscribe - Cancels interest in auth query results.
AUTH::username_credential - Sets the username credential to a string. for a future AUTH::authenticate call.
AUTH::wantcredential_prompt - Returns a string for an authorization session authid’s credential prompt.
AUTH::wantcredential_prompt_style - Returns an authorization session authid’s credential prompt style.
AUTH::wantcredential_type - Returns an authorization session authid’s credential type

AVR¶

AVR::disable - Disables the AVR plugin for the current connection
AVR::enable - Enables the AVR plugin for the current connection
AVR::log - logs an event for stats.
AVR::disable_cspm_injection - Disables the injection of CSPM javascript to the response payload

BOTDEFENSE¶

BOTDEFENSE::action - Returns the action to be taken by Bot Defense
BOTDEFENSE::bot_anomalies - returns the list of names of anomalies detected for the client that sent the current request
BOTDEFENSE::bot_categories - returns the list of category names to which the current client belongs
BOTDEFENSE::bot_name - returns the name assigned to the detected bot, browser or mobile application
BOTDEFENSE::bot_signature - returns the name of the detected Bot Signature
BOTDEFENSE::bot_signature_category - returns the name of the detected Bot Signature Category
BOTDEFENSE::captcha_age - Returns the age of the CAPTCHA challenge in seconds
BOTDEFENSE::captcha_status - Returns the status of the user’s answer to the CAPTCHA challenge
BOTDEFENSE::client_class - returns the classification of the client based on the current request and its browsing history
BOTDEFENSE::client_type - returns the type of the client that sent the request
BOTDEFENSE::cookie_age - Returns the age of the Bot Defense cookie in seconds
BOTDEFENSE::cookie_status - Returns the status of the Bot Defense cookie
BOTDEFENSE::cs_allowed - Returns or sets if the client-side actions are allowed
BOTDEFENSE::cs_attribute - Queries for or sets attributes for the client-side challenge
BOTDEFENSE::cs_possible - Returns “true” or “false” based on whether it is possible to take one of the client-side actions
BOTDEFENSE::device_id - Returns a number, representing the Device ID of the client, as retrieved from the request
BOTDEFENSE::disable - Disables processing and blocking of the request by Bot Defense
BOTDEFENSE::enable - Enables processing and blocking of the request by Bot Defense
BOTDEFENSE::intent-

returns the intent found for the bot that sent the current request

BOTDEFENSE::micro_service-

returns the micro-service that matched the current request

BOTDEFENSE::previous_action - returns the action taken by the previous request
BOTDEFENSE::previous_request_age - returns the number of seconds that passed since the previous request was received
BOTDEFENSE::previous_support_id - returns the Support ID of the previous request
BOTDEFENSE::reason - Returns the reason that lead Bot Defense to decide on the action to be taken
BOTDEFENSE::support_id - returns the support ID of the request

BWC¶

BWC::color - allows a category assignment to dynamic policies
BWC::debug - used for troubleshooting a bwc

policy instance

BWC::mark - assign tos and qos values to a flow
BWC::measure - start or stop measurement on a per policy or on a per flow basis
BWC::policy - Attach/Detach a bandwidth policy to a flow
BWC::pps - allows modification of the packets per second for the session
BWC::priority - map a policy instance or category to a priority class of a priority group
BWC::rate - allows for a different bandwidth be set on dynamic policies

CACHE¶

CACHE::accept_encoding - Overrides the accept_encoding value used by the cache to store the cached content.
CACHE::age - Returns the age of the document in the cache.
CACHE::disable - Disables the caching for this request.
CACHE::enable - Forces the document to be cached.
CACHE::expire - Forces the document to be revalidated from the server.
CACHE::fresh - Returns state of freshness

flag for request

CACHE::header - Get the content of an Header related to an object stored in the RamCache.
CACHE::headers - Returns the HTTP headers of the cache response.
CACHE::hits - Returns the document cache hits.
CACHE::payload - Returns the HTTP payload of the cache response.
CACHE::priority - Adds a priority to cached documents.
CACHE::trace - Dump the list of cached objects for a HTTP profile where RAM cache is enabled.
CACHE::uri - Overrides the URI value used by the cache to store the cached content.
CACHE::useragent - Overrides the useragent value used by the cache to reference the cached content.
CACHE::userkey - Allows users to add user-defined values to the key used by the cache to reference the cached content.

CATEGORY¶

CATEGORY::analytics - enables or disables the analytics server on a per request basis
CATEGORY::filetype - checks for the mime type and mime subtype of an HTTP request payload
CATEGORY::matchtype - stores the match result in the specified variable
CATEGORY::result - Returns a list of categories or safe search parameters
CATEGORY::safesearch - checks for safe search parameters for the given URL
CATEGORY::lookup - returns the category of the supplied URL

CLASSIFICATION¶

CLASSIFICATION::app - provides classification for the most explicit application name
CLASSIFICATION::category - provides classification category name
CLASSIFICATION::disable - disables classification for the current flow
CLASSIFICATION::enable - enables classification for the current flow
CLASSIFICATION::protocol - provides classification for the least explicit application name
CLASSIFICATION::result - provides classification results.
CLASSIFICATION::urlcat - provides classification url category name
CLASSIFICATION::username - returns username associated with classification results

CLASSIFY¶

CLASSIFY::application - allows you to set or add an app name to the classification.
CLASSIFY::category - allows you to set or add a category name to the classification
CLASSIFY::defer - defers the classification of the flow to response
CLASSIFY::disable - disables the classification of the flow
CLASSIFY::urlcat - allows you to set or add an url category to the classification.
CLASSIFY::username - assigns the username to the flow

COMPRESS¶

COMPRESS::buffer_size - Sets the compression buffer size.
COMPRESS::disable - Disables compression for the current HTTP response.
COMPRESS::enable - Enables compression for the current HTTP response.
COMPRESS::gzip - Sets HTTP data compression criteria.
COMPRESS::method - Specifies the preferred compression algorithm.
COMPRESS::nodelay - desc tbd

CONNECTOR¶

CONNECTOR::disable - Disable all the connectors on chain.
CONNECTOR::enable - Enable all the connectors on chain.
CONNECTOR::profile - Get connector profile name.
CONNECTOR::remap - Set client/server IP/Port from connector.

CRYPTO¶

CRYPTO::decrypt - decrypts data.
CRYPTO::encrypt - encrypts data
CRYPTO::hash - generates a hash on a piece of data
CRYPTO::keygen - used to generate keys that can be used to encrypt and sign data
CRYPTO::sign - used to provide a digital signature of a block of data.
CRYPTO::verify - used to verify a signed block of data

DATAGRAM¶

DATAGRAM::dns - returns DNS header information
DATAGRAM::ip - returns ip header information
DATAGRAM::ip6 - returns ipv6 header information
DATAGRAM::l2 - returns Layer 2 destination address
DATAGRAM::tcp - returns tcp header information.
DATAGRAM::udp - returns UDP payload information

DHCP¶

DHCP::version - returns the DHCP version
DHCPv4::hlen - Returns hlen (hardware len) field from DHCPv4 message
DHCPv4::htype - Returns htype (hardware type) field from DHCPv4 message
DHCPv4::chaddr - Returns chaddr (client hardware address) from DHCPv4 message
DHCPv4::ciaddr - Returns ciaddr (client IP) field from DHCPv4 message
DHCPv4::drop - Drops the packet silently
DHCPv4::giaddr - Returns giaddr (gateway or relay IP) field from DHCPv4 message
DHCPv4::hops - Returns hops (num. of hops) field from DHCPv4 message
DHCPv4::len - Returns the length of the DHCP packet length
DHCPv4::opcode - Returns opcode field from DHCPv4 message
DHCPv4::option - Retrieves or sets the option by id number x
DHCPv4::reject - Drops the packet while sending ICMP packet about the drop reason
DHCPv4::secs - Returns xid (transaction ID) field from DHCPv4 message
DHCPv4::siaddr - Returns siaddr (server IP) field from DHCPv4 message
DHCPv4::type - Returns type of DHCPv4 message
DHCPv4::xid - Returns xid (transaction ID) field from DHCPv4 message
DHCPv4::yiaddr - Returns yiaddr (your IP) field from DHCPv4 message
DHCPv6::drop - Drops the packet silently
DHCPv6::hop_count - Returns hop-count field from DHCPv6 RELAY message
DHCPv6::len - Returns the length of the DHCP packet length
DHCPv6::link_address - Returns link address field from DHCPv6 RELAY message
DHCPv6::msg_type - Returns msg-type field from DHCPv6 message
DHCPv6::option - Retrieves, sets or deletes the option by id number x
DHCPv6::peer_address - Returns peer address field from DHCPv6 RELAY message
DHCPv6::reject - Drops the packet while sending ICMP packet about the drop reason
DHCPv6::transaction_id - Returns transaction-id field from DHCPv6 message

DIAMETER¶

DIAMETER::avp - detailed access to diameter attribute-value pairs
DIAMETER::command - gets or sets the command-code
DIAMETER::disconnect - sends Disconnect-Peer-Request to client or server based on context.
DIAMETER::drop - drops the current message quietly
DIAMETER::header - gets or sets the DIAMETER header fields
DIAMETER::host - gets or sets the value of the origin-host or destination-host attribute-value pair
DIAMETER::is_request - returns true if it is a DIAMETER request, otherwise returns false
DIAMETER::is_response - returns true if it is a DIAMETER response, otherwise, returns false.
DIAMETER::is_retransmission - returns true if the current message is a retransmitted request
DIAMETER::length - gets diameter message length
DIAMETER::message - returns the whole Diameter message as a TCL string object.
DIAMETER::payload - gets or sets DIAMETER message payload
DIAMETER::persist - returns the persistence key being used for the current message
DIAMETER::realm - gets or sets the value of the origin-realm or destination-realm attribute-value pair.
DIAMETER::respond - send message to client or server (based on context)
DIAMETER::result - gets or sets the value of the result-code attribute-value pair.
DIAMETER::retransmission - allows the setting or getting of the current message’s retransmission settings
DIAMETER::retransmission_default - gets or sets the current connection’s retransmission settings
DIAMETER::retransmission_reason - returns the reason the current request was retransmitted
DIAMETER::retransmit - triggers the request associated to the current answer message for retransmission
DIAMETER::retry - tries to send the Diameter message contained in the binary array “binary_message”
DIAMETER::route_status - returns the routing status of the current message
DIAMETER::session - gets or sets the session-id attribute-value pair
DIAMETER::skip_capabilities_exchange - skip capabilities exchange

when establishing a peering relationship

DIAMETER::state - returns the current state of the Diameter peer’s connection

DNS¶

DNS::additional - returns, inserts, removes, or clears RRs from the additional section.
DNS::answer - returns, inserts, removes, or clears all RRs from the answer section.
DNS::authority - returns, inserts, removes, or clears RRs from the authority section.
DNS::class - gets or sets the resource record class field
DNS::disable - sets the service state to disabled for the current dns packet.
DNS::drop - Drops the current DNS packet after the execution of the event.
DNS::edns0 - gets (v11.0+) and sets (v11.1+) the values of the edns0 pseudo-RR
DNS::enable - sets the service state to enabled for the current dns packet.
DNS::header - gets (v11.0+) or sets (v11.1+) simple bits or byte fields.
DNS::is_wideip - returns status (true/false) if a string is a configured wide IP.
DNS::last_act - sets the action to perform if no DNS service handles this packet
DNS::len - returns the dns packet message length.
DNS::name - gets or sets the resource record name field
DNS::origin - returns the originator of the DNS message
DNS::ptype - returns the type of the DNS packet.
DNS::query - returns or constructs and sends a query to the DNS-Express database for a name and type
DNS::question - gets (v11.0+) or sets (v11.1+) the question field value
DNS::rdata - gets or sets the resource record rdata field
DNS::return - skips all further processing after TCL execution and sends the dns packet in the opposite direction.
DNS::rpz_policy - returns the RPZ policy

associated with the DNS cache

DNS::rr - creates a new resource record object with specified attributes or as a complete string.
DNS::rrname - Returns the name requested by the client.
DNS::rrtype - Returns the resource record type requested by the client.
DNS::scrape - allows users to walk over a DNS message and parse out information from the packet based on user supplied arguments
DNS::tsig - manipulates the current DNS message and its TSIG resource record.
DNS::ttl - gets or sets the resource record ttl field
DNS::type - gets or sets the resource record type field
whereis - Returns geographical information on an IP address.

DNSMSG¶

DOSL7¶

DOSL7::disable - Disables blocking and detection of DoS attacks according to the ASM security policy configuration
DOSL7::enable - Enables blocking and detection of DoS attacks according to the ASM security policy configuration
DOSL7::health - returns the DOSL7 server health value for current virtual server
DOSL7::is_ip_slowdown - returns TRUE if source IP exists in greylist table
DOSL7::is_mitigated - returns TRUE if certain HTTP request was mitigated
DOSL7::profile - returns the DOS profile from which the L7-DoS policy is extracted
DOSL7::slowdown - Adds source IP extracted from current connection to greylist

DSLITE¶

DSLITE::remote_addr - Returns the remote DS-Lite tunnel endpoint IP address.

ECA¶

ECA::client_machine_name - returns NTLM

authenticating user’s machine name

ECA::disable - disables the plugin in the flow.
ECA::domainname - returns NTLM authenticating user’s domain name
ECA::enable - enables the plugin in the flow
ECA::select - replacement for NTLM::select
ECA::status - returns NTLM authentication result
ECA::username - returns NTLM authenticating username.

FIX¶

BIGPROTO::enable_fix_reset - enables or disables reset of FIX protocol connections
FIX::tag - defines/deletes the mapping between senderCompID and a tag map data group

FLOW¶

FLOW::create_related - creates a related connection between clientside and serverside
FLOW::idle_duration - returns the time in seconds when the flow was last used.
FLOW::idle_timeout - Sets/Gets the idle timeout on the flow
FLOW::peer - returns the TCL flow handle for the peer flow
FLOW::priority - used to overwrite the flow’s internal packet priority
FLOW::refresh - updates the last used time on the flow to now
FLOW::this - returns the TCL handle for the current flow

FLOWTABLE¶

FLOWTABLE::count - returns flow counts
FLOWTABLE::limit - returns configured connection limits

FTP¶

FTP::allow_active_mode - enables or disables the active transfer mode
FTP::disable - disables FTP protocol handler for FTP message processing
FTP::enable - enables FTP protocol handler for FTP message processing
FTP::enforce_tls_session_reuse - enables or disables enforcing TLS session reuse
FTP::ftps_mode - gets or sets the FTPS activation mode
FTP::port - allows restriction of FTP ephemeral ports

GENERICMESSAGE¶

GENERICMESSAGE::message - returns or sets values in the message routing framework
GENERICMESSAGE::peer - returns or sets the peer’s route name
GENERICMESSAGE::route - add, delete, or lookup message routes

GLOBAL¶

accumulate - Terminates iRule processing until more data is received.
ACL::eval - enforces ACLs in your connections
active_members - Returns the number or list of active members in the specified pool.
active_nodes - Returns the alias for active members of the specified pool (for BIG-IP version 4.X compatibility).
after - Execute iRules code after a set period of delay.
b64decode - Returns a string that is base-64 decoded
b64encode - Returns a string that is base-64 encoded. or if an error occurs. an empty string.
BIGTCP::release_flow - Transition layer 7 FIX message to layer 4
call - Call an iRule procedure
CATEGORY::lookup - returns the category of the supplied URL
class - Advanced access of classes
client_addr - Returns the client IP address of a connection.
client_port - Returns the TCP port number/service of the specified client.
clientside - Causes the specified iRule commands to be evaluated under the client-side context.
clone - Causes the system to clone traffic to the specified pool or pool member regardless of monitor status.
CONNECTOR::disable - disables all the connectors on chain
CONNECTOR::enable - enables all the connectors on chain
cpu - The cpu usage command returns the average TMM cpu load for the given interval.
crc32 - Returns the crc32 checksum for the specified string.
decode_uri - Decodes the specified string using HTTP URI encoding.
DECOMPRESS::disable - Disable DECOMPRESS feature on current flow.
DECOMPRESS::enable - Enable DECOMPRESS feature on current flow.
DEMANGLE::disable -
DEMANGLE::enable -
discard - Causes the current packet or connection to be dropped/discarded. Same as the drop command.
DNSMSG::header -
DNSMSG::record -
DNSMSG::section -
domain - Parses the specified string as a dotted domain name and returns the last portions of the domain name.
drop - Causes the current packet or connection to be dropped/discarded. Same as the discard command.
event - Enables or disables evaluation of the specified iRule event. or all iRule events. on this connection.
fasthash - returns a numeric hash of string
findclass - Searches a data group list for a member that starts with a specified string and returns the data-group member string.
findstr - Finds a string within another string and returns the string starting at the offset specified from the match.
forward - Sets the connection to forward IP packets.
FTP::port - allows restriction of FTP ephemeral ports
getfield - Splits a string on a character or string. and returns the string corresponding to the specific field.
HA::status - Returns true or false based on whether the unit the command is executed on is active or standby
htonl - Convert the unsigned integer from host byte order to network byte order.
htons - Convert the unsigned short integer from host byte order to network byte order.
http_cookie - Specifies the value in the Cookie: header.
http_header - Evaluates the string following an HTTP header tag that you specify.
http_host - Specifies the value in the Host: header of the HTTP request.
http_method - Specifies the action of the HTTP request.
http_uri - Specifies a URI.
http_version - Specifies the HTTP protocol version.
ifile - returns content and attributes from external files on the BIG-IP system
imid - Returns an i-mode identifier string.
ip_addr - Returns the IP address of a tmm, tmm interface, localhost, etc
ip_protocol - Returns the IP protocol value.
ip_tos - Returns the ToS level of a packet.
ip_ttl - Returns the TTL of the latest IP packet received.
lasthop - Sets the lasthop of an IP connection.
link_qos - Returns the QoS level.
listen - Sets up a related ephemeral listener to allow an incoming related connection to be established.
llookup - returns a list of values corresponding to the given key
local_addr - Deprecated: Use IP::local_addr instead
log - Generates and logs a message to the syslog-ng utility.
matchclass - Performs comparison against the contents of data group.
matchregion - Returns true/false if specified region is matched.
md5 - Returns the RSA MD5 Message Digest Algorithm message digest of the specified string.
members - List all members of a given pool for v10.x.x
nexthop - Sets the nexthop of an IP connection.
node - Sends the packet directly to the identified server node.
nodes - List all nodes within a given pool
ntohl - Convert the unsigned integer from network byte order to host byte order.
ntohs - Convert the unsigned short integer from network byte order to host byte order.
Operators - iRules operators
peer - Causes the specified iRule commands to be evaluated under the peer’s (opposite) context.
pem_dtos - Query the TAC DB for IMEI value
persist - Causes the system to use the named persistence type to persist the connection.
pool - Causes the system to load balance traffic to the specified pool or pool member regardless of monitor status.
priority - The priority command is used to set the order that like iRule events are executed.
proc - defines a procedure which is called by the call command
rateclass - Causes the system to select the specified rate class to use when transmitting packets.
redirect - Redirects an HTTP request to a specific location.
reject - Causes the connection to be rejected.
relate_client - Sets up a related established connection.
relate_server - Sets up a related established connection.
remote_addr - Deprecated: Use IP::remote_addr instead
RESOLV::lookup - Performs a DNS query for A or PTR records corresponding to a hostname or IP address.
RESOLVER::summarize -
RESOLVER::name_lookup -
REST::send - Send a rest request locally to the Big-IP REST Framework
return - Causes immediate exit from the currently executing event in the currently executing iRule.
rmd160 - Returns the RIPEMD-160 message digest of the specified string.
server_addr - Returns the IP address of the server.
server_port - Returns the TCP port/service number of the specified server.
serverside - Causes the specified iRule command to be evaluated under the server-side context.
session - Utilizes the persistence table to store arbitrary information based on the same keys as persistence.
sha1 - Returns the SHA version 1.0 message digest of the specified string.
sha256 - Returns the Secure Hash Algorithm (SHA2) 256-bit message digest of the specified string.
sha384 - Returns the Secure Hash Algorithm (SHA2) 384-bit message digest of the specified string.
sha512 - Returns the Secure Hash Algorithm (SHA2) 512-bit message digest of the specified string.
sharedvar - Allows a variable to be accessed in both sides of a VIP-targetting-VIP
snat - Causes the LTM system to assign the specified translation address to the current connection.
snatpool - Causes the specified pool of addresses to be used as translation addresses to create a SNAT.
substr - A custom iRule function which returns a substring from a string
table - The table command provides enhanced access to the session table
tcl_platform - A variable that contains platform specific information
timing - Enable and disable iRule timing statistics.
TMM::cmp_count - Provides the active number of TMM instances running.
TMM::cmp_group - Returns the number (0-x) of the group of the CPU executing the rule. Typically a group refers to the blade number on a chassis system. and is always 0 on other platforms.
TMM::cmp_unit - Returns the number (0-x) of the CPU executing the rule.
traffic_group - returns the current traffic group
translate - Enables, disables, or queries (as specified) destination address or port translation
urlcatblindquery - Query the encrypted URL for URL categorization
urlcatquery - Query the URL for URL categorization
use - A BIG-IP 4.X statement. provided for backward-compatibility.
VALIDATE::protocol - allows you to validate payload (traffic) to match given classification application
virtual - Return the name of the associated virtual server or selects another virtual server.
vlan_id - Returns the VLAN tag of the packet.
when - Used to specify an event in an iRule.
whereis - Returns geographical information on an IP address.

GTM¶

discard - Causes the current packet or connection to be dropped/discarded. Same as the drop command.
DNS::additional - returns, inserts, removes, or clears RRs from the additional section.
DNS::answer - returns, inserts, removes, or clears all RRs from the answer section.
DNS::authority - returns, inserts, removes, or clears RRs from the authority section.
DNS::class - gets or sets the resource record class field
DNS::disable - sets the service state to disabled for the current dns packet.
DNS::drop - Drops the current DNS packet after the execution of the event.
DNS::edns0 - gets (v11.0+) and sets (v11.1+) the values of the edns0 pseudo-RR
DNS::enable - sets the service state to enabled for the current dns packet.
DNS::header - gets (v11.0+) or sets (v11.1+) simple bits or byte fields.
DNS::last_act - sets the action to perform if no DNS service handles this packet
DNS::len - returns the dns packet message length.
DNS::name - gets or sets the resource record name field
DNS::origin - returns the originator of the DNS message
DNS::ptype - returns the type of the DNS packet.
DNS::query - returns or constructs and sends a query to the DNS-Express database for a name and type
DNS::question - gets (v11.0+) or sets (v11.1+) the question field value
DNS::rdata - gets or sets the resource record rdata field
DNS::return - skips all further processing after TCL execution and sends the dns packet in the opposite direction.
DNS::rr - creates a new resource record object with specified attributes or as a complete string.
IP::client_addr - Returns the client IP address of a connection

GTP¶

GTP::discard - Discards the current message
GTP::header - Allows for the parsing of GTP header information.
GTP::header extension - The extension headers are identified by unique type values. The type can be appended with index, if multiple headers of same type are expected.
GTP::ie - This set of commands allows for the parsing and interpretation of GTP IE elements.
GTP::length - This value is returned as read from the message header.
GTP::message - Returns the entire GTP message.
GTP::payload - Returns the entire payload for G-PDU message. This command returns an empty value, in case of non-G-PDU messages.
GTP::tunnel - These commands parse the payload of G-PDU as IP datagram and return the values from IP header and TCP/UDP header.

HA¶

HA::status - Returns true or false based on whether the unit the command is executed on is active or standby

High Speed Logging¶

HSL::open - Open a handle for High Speed Logging communication
HSL::send - Send data via High Speed Logging

HTML¶

HTML::comment - Queries, removes HTML comment or appends/prepends it by a string.
HTML::disable - Disables the processing of HTML for this transaction.
HTML::enable - Enables the processing of HTML for this transaction.
HTML::tag - Queries, removes HTML tag and appends/prepends string to it.
HTML::tag attribute - Queries, removes and changes attribute/value pairs of this HTML tag.

HTTP¶

HTTP::class - Returns or sets the HTTP class selected by the HTTP selector.
HTTP::close - Closes the HTTP connection.
HTTP::collect - Collects an amount of HTTP body data that you specify.
HTTP::cookie - Queries for or manipulates cookies in HTTP requests and responses.
HTTP::disable - Changes the HTTP filter from full parsing to passthrough mode.
HTTP::enable - Changes the HTTP filter from passthrough to full parsing mode.
HTTP::fallback - Specifies or overrides a fallback host specified in the HTTP profile.
HTTP::has_responded - returns true if this HTTP transaction has been prematurely completed by an iRule command or other filter logic
HTTP::header - Queries or modifies HTTP headers.
HTTP::host - Returns the value of the HTTP Host header
HTTP::hsts - controls HTTP Strict Transport Security
HTTP::is_keepalive - Returns a true value if this is a Keep-Alive connection.
HTTP::is_redirect - Returns a true value if the response is a redirect.
HTTP::method - Returns the type of HTTP request method.
HTTP::passthrough_reason - returns the reason for the most recent switch to pass-through mode by the HTTP filter
HTTP::password - Returns the password part of HTTP basic authentication.
HTTP::path - Returns or sets the path part of the HTTP request.
HTTP::payload - Queries for or manipulates HTTP payload information.
HTTP::proxy - controls whether the BIG-IP will handle the proxy of the connection locally or send it to a downstream pool
HTTP::query - Returns the query part of the HTTP request.
HTTP::redirect - Redirects an HTTP request or response to the specified URL.
HTTP::reject_reason - returns the reason HTTP is aborting
HTTP::release - Releases the data collected via HTTP::collect.
HTTP::request - Returns the raw HTTP request headers.
HTTP::request_num - Returns the number of HTTP requests that a client made on the connection.
HTTP::respond - Generates a response to the client as if it came from the server.
HTTP::response - Returns the raw HTTP

response header block as a single string.

HTTP::retry - Resends a request to a server.
HTTP::status - Returns the response status code.
HTTP::uri - Returns or sets the URI part of the HTTP request.
HTTP::username - Returns the username part of HTTP basic authentication.
HTTP::version - Returns or sets the HTTP version of the request or response.

HTTP2¶

HTTP2::active - used to determine if a request is generated by HTTP/2
HTTP2::disable - changes the HTTP2 filter from full parsing to passthrough mode
HTTP2::disconnect - allows you to cleanly terminate the current HTTP/2 session
HTTP2::enable - changes the HTTP2 filter from passthrough to full parsing mode
HTTP2::header - queries or modifies HTTP/2 pseudo-headers
HTTP2::push - accepts a resource as a parameter that can be pushed to the client using PUSH_PROMISE frames
HTTP2::requests - used to determine the count of requests received in the current HTTP/2 session
HTTP2::stream - Gets or sets the stream attributes including id and priority
HTTP2::version - used to determine the HTTP/2 protocol version used
HTTP2::concurrency - used to determine the number of active concurrent streams in the current HTTP/2 session

ICAP¶

ICAP::header - sets or returns ICAP attributes in the ICAP header
ICAP::method - sets or returns the ICAP request method
ICAP::status - gets the ICAP response status code
ICAP::uri - sets or returns the ICAP request uri.

IKE¶

ILX¶

ILX::call - Invokes the specified node method
ILX::init - Establishes a communication path from an iRule to the node process.
ILX::notify - Sends a message to the specified node method but does not wait for a response

IMAP¶

IMAP::activation_mode - gets or sets the activation mode for IMAP STARTTLS
IMAP::disable - disables IMAP protocol handler for IMAP message processing
IMAP::enable - enables IMAP protocol handler for IMAP message processing

IP¶

IP::addr - Performs comparison of IP address/subnet/supernet to IP address/subnet/supernet. or parses 4 binary bytes into an IPv4 dotted quad address.
IP::client_addr - Returns the client IP address of a connection
IP::hops - Gives you the estimated number of hops the peer takes to get to you.
IP::idle_timeout - Returns or sets the idle timeout value.
IP::ingress_drop_rate - adds ip

with specified drop rate to black list table

IP::ingress_rate_limit - sets

ingress graylist and global rate limit thresholds for the virtual

IP::intelligence - returns a Tcl list of IP intelligence category names for a given IP address
IP::local_addr - Returns the IP address of the virtual server the client is connected to or the self-ip LTM is connected from.
IP::protocol - Returns the IP protocol value.
IP::remote_addr - Returns the IP address of the host on the far end of the connection.
IP::server_addr - Returns the server’s IP address.
IP::stats - Supplies information about the number of packets or bytes being sent or received in a given connection.
IP::tos - Returns the ToS value encoded within a packet.
IP::ttl - Returns the TTL of the latest IP packet received.
IP::version - Returns the IP version of a connection
IP::reputation - Looks up the supplied IP address in the IP intelligence (reputation) database and returns a TCL list containing reputation categories

IPFIX¶

IPFIX::destination - open and close IPFIX logging destinations
IPFIX::msg - create, delete and set data values in an IPFIX message based on the provided IPFIX_TEMPLATE.
IPFIX::template - create and delete user defined IPFIX message templates

ISESSION¶

ISESSION::deduplication - Allows selection of deduplication based on L7 content inspection

iStats¶

ISTATS::remove - Removes the given Stat entirely.
ISTATS::get - Reads in the value associated with the given key
ISTATS::incr - Increments the specified key by the given value.
ISTATS::set - Set the given key’s value within ISTATS

IVS¶

IVS_ENTRY::result - sends a result code to the IVS client

L7CHECK¶

L7CHECK::protocol - allows you to set or retrieve L7 protocol value

LB¶

LB::bias -
LB::class - Provides the name of the traffic class that matched the connection
LB::command - To be completed
LB::connect -
LB::connlimit - set the connection limit for virtual/node/poolmember
LB::context_id - Assigns the current connection to named context.
LB::detach - Disconnects the server side connection
LB::down - Sets the status of a node or pool member as being down.
LB::dst_tag - Sets the destination tag for the current request
LB::enable_decisionlog - enables LTM decision logging
LB::mode - Sets the load balancing mode
LB::persist - Forces a persistence record lookup and returns the result
LB::prime - Sets up serverside connections before client traffic comes
LB::reselect - Selects the next available member in the current pool, based on pool Load Balancing options
LB::select - Forces a load balancing selection and returns the result
LB::server - Returns information about the currently selected server
LB::snat - Returns information on the SNAT configuration of the virtual server.
LB::src_tag - Sets the source tag for the current request
LB::status - Returns the status of a node address or pool member.
LB::up - Sets the status of a node or pool member as being up.
LB::queue - Returns queue information

LINK¶

LINK::lasthop - Returns the MAC address of the last hop.
LINK::nexthop - Returns the MAC address of the next hop.
LINK::qos - Returns the QoS level set on the packet.
LINK::vlan_id - Returns the VLAN tag of the packet.

LSN¶

LSN::inbound-entry - creates and gets the inbound mapping for a translation address, translation port and protocol
LSN::address - Set or override translation address.
LSN::disable - Disable LSN translation.
LSN::inbound - Disable inbound connections to translation address/port.
LSN::persistence - Set translation selection mode and persistence timeout.
LSN::persistence-entry - Create or lookup translation address.
LSN::pool - Specify LSN pool for current connection.
LSN::port - Set or override translation port.

MESSAGE¶

MESSAGE::field - used for operations for a message’s field
MESSAGE::proto - returns protocol of the message
MESSAGE::type - returns the type of the current message

MQTT¶

MQTT::clean_session - gets or sets the clean_session flag of MQTT CONNECT messages
MQTT::client_id - gets or sets the client identifier of MQTT CONNECT message
MQTT::collect - collects the specified amount of MQTT message payload data
MQTT::disable - disables MQTT parsing on a connection
MQTT::disconnect - disconnects the MQTT connection
MQTT::drop - drops the current MQTT message
MQTT::dup - gets or sets the duplicate flag of MQTT PUBLISH messages
MQTT::enable - enables MQTT parsing on a connection
MQTT::insert - inserts an MQTT message
MQTT::keep_alive - gets or sets the keep_alive field of MQTT CONNECT message
MQTT::length - gets the length of an MQTT message
MQTT::message - returns the full content of the MQTT message
MQTT::packet_id - gets or sets the packet-id of an MQTT message
MQTT::password - gets or sets the password field of an MQTT CONNECT message
MQTT::payload - manipulates the payload of an MQTT PUBLISH message
MQTT::protocol_name - gets or sets the protocol-name of an MQTT CONNECT message
MQTT::protocol_version - gets or sets the protocol revision level of an MQTT CONNECT message
MQTT::qos - gets or sets the qos of MQTT PUBLISH messages
MQTT::release - releases the data collected via MQTT::collect
MQTT::replace - replaces an MQTT message
MQTT::respond - transmits an MQTT message to sender
MQTT::retain - gets or sets the retain flag of MQTT PUBLISH messages
MQTT::return_code - gets or sets the return-code field of MQTT CONNACK messages
MQTT::return_code_list - gets the return-code-list of MQTT SUBACK message
MQTT::session_present - gets or sets the session_present flag of MQTT CONNACK message
MQTT::topic - manipulates topic(s) of MQTT messages
MQTT::type - gets the type of MQTT messages
MQTT::username - gets or sets the username field of MQTT CONNECT messages
MQTT::will - gets or sets the will-topic, will-message, will-qos, and will-retain fields of MQTT CONNECT messages

MR¶

MR::available_for_routing - gets/sets the available_for_routing mode for the current connection.
MR::collect - collect the specified amount of MR message payload data.
MR::connect_back_port - gets or sets connect_back_port for the current connection
MR::connection_instance - returns the connection instance and the number of connections
MR::connection_mode - returns the connection mode of the current connection
MR::equivalent_transport - gets or sets the transport that is usable as an equivalent transport
MR::flow_id - returns a unique identifier for the current connection
MR::ignore_peer_port - sets or resets the ignore_peer_port mode of the current connection
MR::instance - returns the name of the current mr_router instance
MR::max_retries - returns the number of retries allows for this router instance
MR::message - returns or sets details in the message routing table
MR::payload - returns the data collected using the MR::collect command
MR::peer - defines a peer to use for routing a message to
MR::prime - establishes an outgoing connection to the specified host or hosts using the specified transport
MR::protocol - returns ‘generic, ‘sip’ or ‘diameter’
MR::release - releases the data collected via MR::collect iRule command.
MR::restore - returns the stored variables to the current context tcl variable store
MR::retry - sends the current message to the router for routing
MR::return - returns the current message to the originating connection
MR::store - stores a tcl variable with the mr_message object
MR::stream - start egressing bytes previously collected and stored
MR::transport - returns the name and type (virtual or config) of the transport used to configure the current connection

NAME (Deprecated)¶

NAME::lookup - Performs DNS query for A or PTR record corresponding to a hostname or IP address
NAME::response - Returns a list of records received in response to a DNS query

NSH¶

NSH::chain - sets the chain for flow
NSH::context - get or set context for NSH
NSH::md1 - sets/gets the MD1 context for NSH
NSH::mimic - Set mimic options for NSH.
NSH::mocksf - set option to mock SF functionality for NSH
NSH::path_id - gets/sets the path id for NSH
NSH::service_index - gets/sets the service index for NSH

NTLM¶

NTLM::disable - Disables processing for NTLM
NTLM::enable - Enables processing for NTLM

ONECONNECT¶

ONECONNECT::detach - Detaches server-side OneConnect connections.
ONECONNECT::label - Associate OneConnect keying information with connection.
ONECONNECT::reuse - Controls server-side connection reuse

PCP¶

PCP::reject - provides the ability to cause a PCP reqeust to fail based on processing in the iRule
PCP::request - provides access to the data sent in a PCP request
PCP::response - provides access to the data in a PCP response packet

PEM¶

PEM::disable - disable PEM
PEM::enable - enable PEM
PEM::flow - retrieves specific statistics from the flow report
PEM::policy - PEM policy initialization or retrieving of the name
PEM::session - allows you to create or delete a PEM Session entry
pem_dtos - Query the TAC DB for IMEI value
PEM::subscriber - allows you to create or delete a PEM Subscriber Session entry
urlcatquery - Query the URL for URL categorization

POLICY¶

POLICY::controls - iRule command which returns details about the policy controls for the virtual server the iRule is enabled on
POLICY::names - iRule command which returns details about the policy names for the virtual server the iRule is enabled on.
POLICY::rules - Returns the policy rules of the supplied policy that had actions executed.
POLICY::targets - Returns or sets properties of the policy rule targets for the policies associated with the virtual server that the iRule is enabled on

POP3¶

POP3::activation_mode - gets or sets the activation mode for POP3 STARTTLS
POP3::disable - disable STARTTLS for POP3
POP3::enable - enable STARTTLS for POP3

PROFILE¶

PROFILE::access - Returns the value of an access profile setting.

PROFILE::antifraud - Returns the value of an antifraud profile setting.

PROFILE::auth - Returns the value of an authentication profile setting.

PROFILE::avr - Returns the value of a avr profile setting

PROFILE::clientssl - Returns the value of a Client SSL profile setting.

PROFILE::diameter - Returns the current value of the specified setting in an assigned DIAMETER profile.

PROFILE::exchange - Returns the current value of the specified setting in the assigned

exchange profile

PROFILE::exists - Determine if a profile is configured on a virtual server

PROFILE::fasthttp - Returns the value of a Fast HTTP profile setting.

PROFILE::fastL4 - Returns the value of a Fast L4 profile setting.

PROFILE::ftp - Returns the value of an FTP profile setting.

PROFILE::http - Returns the value of an HTTP profile setting.

PROFILE::httpclass - Returns the value of an HTTP Class profile setting.

PROFILE::list - Returns all the names of the profiles of the class asked for that are attached to this virtual server

PROFILE::oneconnect - Returns the value of a Oneconnect profile setting.

PROFILE::persist - Returns the value of a persistence profile setting.

PROFILE::serverssl - Returns the value of a Server SSL profile setting.

PROFILE::stream - Returns the value of a Stream profile setting.

PROFILE::tcp - Returns the value of a TCP profile setting.

PROFILE::tftp - Returns the value of an TFTP profile setting

PROFILE::udp - Returns the value of a UDP profile setting.

` PROFILE::vdi - Returns the value of a VDI profile setting. - PROFILE::xml - Returns the value of an XML

profile setting.

PROFILE::httpcompression - Returns the value of an HTTP compression profile setting.

PROFILE::webacceleration - Returns the value of an web acceleration profile setting.

PSC¶

PSC::aaa_reporting_interval - gets or sets AAA reporting interval
PSC::attr - get the session lease time
PSC::auth_user_name - get or set authentication user name
PSC::calling_id - get or set calling id
PSC::imeisv - get or set imeisv value
PSC::imsi - get or set the imsi value
PSC::ip_address - get/set/remove ip address(es)
PSC::lease_time - get the session lease time ( (Note: the PSC::lease_time command currently not supported)
PSC::policy - get/set/remove policies
PSC::subscriber_id - get or set the subscriber id
PSC::tower_id - get or set tower id
PSC::user_name - get or set user name

QOE¶

QOE::disable - disables the video QOE filter from processing any video or non-video traffic on a connection basis
QOE::enable - enables the video QOE filter and allows processing video on a connection basis
QOE::video - returns a set of video QOE attributes from teh current video connection

RADIUS¶

radius_authenticate - creates and sends a RADIUS access request message and returns the result
RADIUS::avp - Return or add/change/remove RADIUS av pairs
RADIUS::code - Returns the RADIUS message code
RADIUS::id - Returns the RADIUS message id
RADIUS::rtdom - Overwrites the default RD ID in RADIUS scenario

RESOLV¶

RESOLV::lookup - Performs a DNS query for A or PTR records corresponding to a hostname or IP address.

RESOLVER¶

REWRITE¶

REWRITE::disable - Changes the REWRITE plugin from full patching mode to passthrough mode.
REWRITE::enable - Changes the REWRITE plugin from passthrough to full patching mode.
REWRITE::payload - Queries for or manipulates REWRITE payload.
REWRITE::post_process - Toggle post processing functionality

ROUTE¶

ROUTE::age - The age of the route metrics in seconds.
ROUTE::bandwidth - The average of the bandwidth estimates for TCP connections.
ROUTE::clear - purges the cache on all CMPs for matching connections
ROUTE::cwnd - returns in bytes the congestion window
ROUTE::domain - Returns the current routing domain of the current connection.
ROUTE::expiration - returns the expiration time in second
ROUTE::mtu - returns in bytes the max transmission unit
ROUTE::rtt - The average smoothed round-trip time for TCP connections.
ROUTE::rttvar - The average variance in smoothed round-trip times for TCP connections.

RTSP¶

RTSP::collect - Collects the amount of data that you specify.
RTSP::header - Manages headers in RTSP requests and responses.
RTSP::method - Returns a method/command from the current RTSP request.
RTSP::msg_source - Indicates whether the request or response originated from the client or the server.
RTSP::payload - Queries for or replaces content information.
RTSP::release - Releases the collected data.
RTSP::respond - Sends an RTSP response to the client.
RTSP::status - Returns the HTTP style status code from the current RTSP response.
RTSP::uri - Returns the complete URI of the RTSP request.
RTSP::version - Returns the version in the current RTSP request/response.

SCTP¶

SCTP::client_port - Returns the SCTP port/service number of the specified client.
SCTP::collect - Collects the specified amount of content data.
SCTP::local_port - Returns the local SCTP port/service number.
SCTP::mss - Returns the on-wire Maximum Segment Size (MSS) for an SCTP connection.
SCTP::payload - Returns or replaces SCTP data content.
SCTP::ppi - Returns or sets the SCTP payload protocol indicator.
SCTP::release - Resumes processing and flushes collected data.
SCTP::remote_port - Returns the remote SCTP port/service number.
SCTP::respond - Sends the specified data directly to the peer.
SCTP::rto_initial - returns the initial value of SCTP retranmission timeout
SCTP::rto_max - returns the maximum value of SCTP retranmission timeout
SCTP::rto_min - returns the minimum value of SCTP retranmission timeout
SCTP::sack_timeout - returns the SCTP’s delayed selective acknowledgement timeout
SCTP::server_port - Returns the SCTP port/service number of the specified server.

SDP¶

SDP::field - Returns the value in a given SDP field
SDP::media - Get or set SDP media information
SDP::session_id - Get the SDP session id

SIDEBAND¶

close - Closes an existing sideband connection
connect - Establishes a sideband connection
connect info - Returns a Tcl list of the specified information
recv - Receives data from a given sideband connection
send - Sends data on an existing sideband connection

SIP¶

SIP::call_id - Returns the value of the Call-ID header in a SIP request.
SIP::discard - Discard the current SIP message
SIP::from - Returns the value of the From header in a SIP request.
SIP::header - Get or set SIP header information
SIP::message - Returns content of the current message
SIP::method - Returns the type of SIP request method.
SIP::payload - Returns the accumulated SIP data content.
SIP::persist - returns (or replaces) the persistence key being used for the current message
SIP::record-route - gets SIP record-route header information
SIP::respond - Terminate a SIP response. and respond with one of your creation
SIP::response - Get or rewrite the SIP response.
SIP::route - gets SIP route header information
SIP::route_status - returns the routing status of the current message
SIP::to - Returns the value of the To header in a SIP request.
SIP::uri - Returns or sets the URI of the request.
SIP::via - Get SIP via header information

SMTPS¶

SMTPS::activation_mode - gets or sets the activation mode for SMTPS
SMTPS::disable - disables the SMTPS profile
SMTPS::enable - enables the SMTPS profile

SOCKS¶

SOCKS::allowed - enables the user to allow/reject SOCKS requests.
SOCKS::destination - enables the user to query and/or set parts of the requested connection
SOCKS::version - returns the SOCKS version

SSL¶

SSL::allow_dynamic_record_sizing - Returns the currently set value for allowing dynamic record sizing
SSL::allow_nonssl - gets/sets state of Non-SSL connections.
SSL::alpn - Sets or retrieves the ALPN string
SSL::authenticate - Overrides the current setting for authentication frequency or for the maximum depth of certificate chain traversal.
SSL::cert - Returns X509 SSL certificate data.
SSL::cipher - Returns SSL cipher information.
SSL::clientrandom - returns the ClientRandom value from the Client hello
SSL::collect - Collect plaintext data after SSL offloading
SSL::disable - Disables SSL processing.
SSL::enable - Re-enables SSL processing.
SSL::extensions - Returns or manipulates SSL extensions.
SSL::forward_proxy - sets the SSL forward proxy bypass feature to bypass or intercept.
SSL::handshake - Halts or resumes SSL activity.
SSL::is_renegotiation_secure - Returns the current state of SSL Secure Renegotiation.
SSL::maximum_record_size - set or get the maximum egress record size
SSL::mode - Gets the enabled/disabled state of SSL
SSL::modssl_sessionid_headers - Returns a list of fields for HTTP headers
SSL::nextproto - gets or sets the Next Protocol Negotiation (NPN) string
SSL::payload - Returns and manipulates plaintext data collected via SSL::collect
SSL::profile - Switch between different SSL profiles
SSL::release - Releases the collected plaintext data
SSL::renegotiate - Controls renegotiation of an SSL connection.
SSL::respond - Return data back to the origin via SSL
SSL::secure_renegotiation - Controls the SSL Secure Renegotiation mode.
SSL::session - Drops a session from the SSL session cache.
SSL::sessionid - Gets the SSL session ID.
SSL::sessionsecret - returns the current SSL handshake master secret
SSL::sessionticket - returns the session ticket associated with the SSL flow
SSL::sni - Returns a Server Name Indication name, and require SNI support
SSL::tls13_secret - Return data about various TLS 1.3 secrets
SSL::unclean_shutdown - Sets the value of the Unclean Shutdown setting.
SSL::verify_result - Gets or sets the result code for peer certificate verification.

STATS¶

STATS::get - Retrieves a setting value from a Statistics profile.
STATS::incr - Increments the value of a Statistics profile setting.
STATS::set - Sets the value of a Statistics profile setting.
STATS::setmax - Ensures that the value of the specified Statistics profile setting (field) is at the least value.
STATS::setmin - Ensures that the value of the specified Statistics profile setting (field) is at the most value.

STREAM¶

STREAM::disable - Disables the stream filter for a connection.
STREAM::enable - Enables the stream filter for the life of the current TCP connection or until disabled.
STREAM::encoding - Specifies non-default content encoding.
STREAM::expression - Replaces the expression in a Stream profile with another expression.
STREAM::match - Returns matching characters.
STREAM::max_matchsize - Sets a maximum number of bytes that the system can buffer during partial matches.
STREAM::replace - Changes a replacement string in the Stream profile.

TCP¶

TCP::abc - enable or disable TCP appropriate byte counting
TCP::analytics - enables or disables AVR TCP stat reporting
TCP::autowin - Sets the send and receive buffer dynamically in accordance with measured connection parameters
TCP::bandwidth - Returns a bandwidth estimate for the peer.
TCP::client_port - Returns the remote TCP port/service number of the clientside TCP connection.
TCP::close - Closes the TCP connection.
TCP::collect - Collects the specified amount of content data.
TCP::congestion - sets the TCP congestion control algorithm
TCP::delayed_ack - will enable or disable TCP delayed acknowledgements
TCP::dsack - enable or disable TCP duplicate selective acknowledgements
TCP::earlyrxmit - enable or disable TCP early retransmit
TCP::ecn - enable or disable TCP explicit congestion notification
TCP::enhanced_loss_recovery - enable or disable TCP enhanced loss recovery
TCP::idletime - sets the TCP idle timeout
TCP::keepalive - Sets or gets the number of seconds before BIG-IP sends a keep-alive packet on a TCP connection with no traffic
TCP::limxmit - enable or disable TCP limited transmit recovery
TCP::local_port - Returns the local TCP port/service number of a TCP connection.
TCP::lossfilter - sets the burst and rate levels in which TCP ignores loss
TCP::lossfilterburst - gets the TCP loss ignore burst parameter
TCP::lossfilterrate - gets the TCP Loss Ignore Rate Parameter
TCP::mss - Returns the on-wire Maximum Segment Size (MSS) for a TCP connection.
TCP::nagle - Enables or disables the Nagle algorithm on the current TCP connection.
TCP::naglemode - Returns the Nagle mode of a TCP flow.
TCP::naglestate - returns the nagle state
TCP::notify - Causes the the USER_REQUEST or USER_RESPONSE event to be raised.
TCP::offset - Returns the number of bytes currently held in memory via TCP::collect.
TCP::option - Gets or sets the value of the specified option kind from the TCP header.
TCP::pacing - enable or disable TCP rate pace
TCP::payload - Returns or replaces TCP data content.
TCP::proxybuffer - sets the TCP proxy buffer thresholds
TCP::proxybufferhigh - gets the proxy buffer high threshold
TCP::proxybufferlow - gets the proxy buffer low threshold
TCP::push_flag - used to set/get the PUSH flag mode of a TCP connection
TCP::rcv_scale - Returns the receive window scale advertised by the remote host
TCP::rcv_size - The maximum receive window in bytes
TCP::recvwnd - sets the TCP receive window
TCP::release - Releases and flushes collected data. and resumes processing.
TCP::remote_port - Returns the remote TCP port/service number of a TCP connection.
TCP::respond - Sends the specified data directly to the peer.
TCP::rexmt_thresh - gets or sets the retransmission threshold of a TCP connection
TCP::rt_metrics_timeout - sets the metrics cache entry time to live (in seconds) for the current connection
TCP::rto - Retransmit timer value in milliseconds
TCP::rtt - Returns the smoothed round-trip time estimate for a TCP connection.
TCP::rttvar - The measured RTT variance in units of “1/16 of a millisecond”.
TCP::sendbuf - sets the TCP send buffer size
TCP::server_port - Returns the remote TCP port/service number of the serverside TCP connection.
TCP::setmss - sets the TCP max segment size
TCP::snd_cwnd - returns the cwnd in bytes.
TCP::snd_scale - Returns the receive window scale advertised by the local host.
TCP::snd_ssthresh - The connection slow start threshold in bytes.
TCP::snd_wnd - Returns the remote host’s advertised receive window
TCP::unused_port - Returns an unused TCP port for the specified IP tuple.

TMM¶

TMM::cmp_count - Provides the active number of TMM instances running.
TMM::cmp_group - Returns the number (0-x) of the group of the CPU executing the rule. Typically a group refers to the blade number on a chassis system. and is always 0 on other platforms.
TMM::cmp_primary_group - returns the CMP cluster primary
TMM::cmp_unit - Returns the number (0-x) of the CPU executing the rule.

UDP¶

UDP::client_port - Returns the UDP port/service number of a client system.
UDP::debug_queue - used to enable/disable printing debug messages
UDP::drop - Drops the current UDP packet without removing the flow from the connection table
UDP::hold - holds back processing of input packets until UDP::release is called
UDP::local_port - Returns the local UDP port/service number.
UDP::max_buf_pkts - set/get the maximum buffer packets value of a UDP connection.
UDP::max_rate - set/get the max tx rate of a UDP connection
UDP::mss - Returns the on-wire Maximum Segment Size (MSS) for a UDP connection.
UDP::payload - Returns the content or length of the current UDP payload.
UDP::release - allows client-side ingress to flow following a call to UDP::hold
UDP::remote_port - Returns the remote UDP port/service number.
UDP::respond - Sends data directly to a peer.
UDP::sendbuffer - set/get the maximum send buffer size of a UDP connection
UDP::server_port - Returns the UDP port/service number of a server system.
UDP::unused_port - Returns an unused UDP port for the specified IP tuple.

URI¶

URI::basename - Extracts the basename part of a given uri string.
URI::compare - Compares two URI’s for equality.
URI::decode - Returns a decoded version of a given URI.
URI::encode - Returns an encoded version of a given URI.
URI::host - Returns the host portion of a given URI.
URI::path - Returns the path portion of the given URI.
URI::port - Returns the host port from the given URI.
URI::protocol - Returns the protocol of the given URI.
URI::query - Returns the query string portion of the given URI or the value of a query string parameter.

VDI¶

VDI::disable - disables the VDI plugin in the flow

VDI::enable - enables the VDI plugin in the flow

WAM¶

WAM::disable - Disables Web Accelerator plugin processing on the connection.
WAM::enable - Disables Web Accelerator plugin processing on the connection

WEBSSO¶

WEBSSO::disable - Forwards a request without doing SSO processing on it.
WEBSSO::enable - Causes APM to do the SSO processing on a request.
WEBSSO::select - Use specified SSO configuration object to do SSO for the HTTP request

WS¶

WS::collect - Collects the Websocket frame payload
WS::disconnect - The Websocket connection is disconnected by sending a close frame to both end-points when the current frame is done
WS::enabled - used to determine whether the Websocket processing is enabled or disabled for a particular connection
WS::frame - various websocket frame tasks
WS::masking - masking options for websocket payload
WS::message - Drop an entire Websocket message.
WS::payload - websocket payload manipulation
WS::release - Releases the data collected via WS::collect
WS::request - websocket request header access
WS::response - websocket response header access

X509¶

X509::cert_fields - Returns a list of X509 certificate fields to be added to HTTP headers for ModSSL behavior.
X509::extensions - Returns the X509 extensions set on an X509 certificate.
X509::hash - Returns the MD5 hash (fingerprint) of an X509 certificate.
X509::issuer - Returns the issuer of an X509 certificate.
X509::not_valid_after - Returns the not-valid-after date of an X509 certificate.
X509::not_valid_before - Returns the not-valid-before date of an X509 certificate.
X509::serial_number - Returns the serial number of an X509 certificate.
X509::signature_algorithm - Returns the signature algorithm of an X509 certificate.
X509::subject - Returns the subject of an X509 certificate.
X509::subject_public_key - Returns the subject’s public key of an X509 certificate.
X509::subject_public_key_RSA_bits - Returns the size of the subject’s public RSA key of an X509 certificate.
X509::subject_public_key_type - Returns the subject’s public key type of an X509 certificate.
X509::verify_cert_error_string - Returns an X509 certificate error string.
X509::version - Returns the version number of an X509 certificate.
X509::whole - Returns an X509 certificate in PEM format.

XLAT¶

XLAT::listen - creates a related ephemeral listener
XLAT::listen_lifetime - sets/gets the listener lifetime
XLAT::src_addr - returns the string representation of the source translation address
XLAT::src_config - returns the source translation configuration as a list
XLAT::src_endpoint_reservation - create, update, or get reserved entry values
XLAT::src_nat_valid_range - returns a list of lists containing valid source-translation addresses and port-ranges
XLAT::src_port - returns the source translation port

XML¶

XML::address - Queries the elements of a WS-Addressing header within a SOAP message.
XML::collect - Collects and parses incoming XML data.
XML::element - Returns the name of the current in-scope XML element.
XML::event - Returns the event name of the current context.
XML::eventid - Returns the key used to register the current XML event.
XML::parse - Disables all future XML parsing.
XML::release - Releases the collected XML data.
XML::soap - Returns information about the current SOAP message.
XML::subscribe - Subscribes to a specified category of XML events.

The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.