Master list of iRule Commands

AAA AAA::acct_result, AAA::acct_send, AAA::auth_result, AAA::auth_send
ACCESS ACCESS::acl, ACCESS::disable, ACCESS::enable, ACCESS::flowid, ACCESS::log, ACCESS::oauth, ACCESS::perflow, ACCESS::policy, ACCESS::respond, ACCESS::restrict_irule_events, ACCESS::saml, ACCESS::session, ACCESS::user, ACCESS::uuid, ACCESS2::access2_proc
ACL ACL::action, ACL::eval
ADAPT ADAPT::allow, ADAPT::context_create, ADAPT::context_current, ADAPT::context_delete_all, ADAPT::context_name, ADAPT::context_static, ADAPT::enable, ADAPT::preview_size, ADAPT::result, ADAPT::select, ADAPT::service_down_action, ADAPT::timeout
ADM ADM::health, ADM::is_ip_slowdown, ADM::is_mitigated
AES AES::decrypt, AES::encrypt, AES::key
ANTIFRAUD ANTIFRAUD::alert_additional_info, ANTIFRAUD::alert_bait_signatures, ANTIFRAUD::alert_component, ANTIFRAUD::alert_defined_value, ANTIFRAUD::alert_device_id, ANTIFRAUD::alert_expected_value, ANTIFRAUD::alert_fingerprint, ANTIFRAUD::alert_forbidden_added_element, ANTIFRAUD::alert_guid, ANTIFRAUD::alert_html, ANTIFRAUD::alert_http_referrer, ANTIFRAUD::alert_id, ANTIFRAUD::alert_license_id, ANTIFRAUD::alert_min, ANTIFRAUD::alert_origin, ANTIFRAUD::alert_resolved_value, ANTIFRAUD::alert_score, ANTIFRAUD::alert_transaction_data, ANTIFRAUD::alert_transaction_id, ANTIFRAUD::alert_type, ANTIFRAUD::alert_username, ANTIFRAUD::alert_view_id, ANTIFRAUD::disable, ANTIFRAUD::disable_alert, ANTIFRAUD::disable_app_layer_encryption, ANTIFRAUD::disable_auto_transactions, ANTIFRAUD::disable_injection, ANTIFRAUD::disable_malware, ANTIFRAUD::disable_phishing, ANTIFRAUD::enable, ANTIFRAUD::enable_log, ANTIFRAUD::fingerprint, ANTIFRAUD::result
APM ACCESS::acl, ACCESS::disable, ACCESS::enable, ACCESS::log, ACCESS::oauth, ACCESS::policy, ACCESS::respond, ACCESS::restrict_irule_events, ACCESS::session, ACCESS::user, ACCESS::uuid, REWRITE::disable, REWRITE::enable, REWRITE::payload, REWRITE::post_process, WEBSSO::disable, WEBSSO::enable, WEBSSO::select
ASM ASM::client_ip, ASM::disable, ASM::enable, ASM::fingerprint, ASM::payload, ASM::raise, ASM::severity, ASM::signature, ASM::status, ASM::support_id, ASM::unblock, ASM::violation, ASM::violation_data, DOSL7::disable, DOSL7::enable, DOSL7::profile
ASN1 ASN1::decode, ASN1::element, ASN1::encode
AUTH AUTH::abort, AUTH::authenticate, AUTH::authenticate_continue, AUTH::cert_credential, AUTH::cert_issuer_credential, AUTH::last_event_session_id, AUTH::password_credential, AUTH::response_data, AUTH::ssl_cc_ldap_status, AUTH::ssl_cc_ldap_username, AUTH::start, AUTH::status, AUTH::subscribe, AUTH::unsubscribe, AUTH::username_credential, AUTH::wantcredential_prompt, AUTH::wantcredential_prompt_style, AUTH::wantcredential_type
AVR AVR::disable, AVR::enable, AVR::log, AVR::disable_cspm_injection
BOTDEFENSE BOTDEFENSE::action, BOTDEFENSE::bot_signature, BOTDEFENSE::bot_signature_category, BOTDEFENSE::captcha_age, BOTDEFENSE::captcha_status, BOTDEFENSE::client_type, BOTDEFENSE::cookie_age, BOTDEFENSE::cookie_status, BOTDEFENSE::cs_allowed, BOTDEFENSE::cs_attribute, BOTDEFENSE::cs_possible, BOTDEFENSE::device_id, BOTDEFENSE::disable, BOTDEFENSE::enable, BOTDEFENSE::previous_action, BOTDEFENSE::previous_request_age, BOTDEFENSE::previous_support_id, BOTDEFENSE::reason, BOTDEFENSE::support_id
BWC BWC::color, BWC::mark, BWC::measure, BWC::policy, BWC::pps, BWC::priority, BWC::rate
CACHE CACHE::accept_encoding, CACHE::age, CACHE::disable, CACHE::enable, CACHE::expire, CACHE::header, CACHE::headers, CACHE::hits, CACHE::payload, CACHE::priority, CACHE::trace, CACHE::uri, CACHE::useragent, CACHE::userkey
CATEGORY CATEGORY::analytics, CATEGORY::filetype, CATEGORY::matchtype, CATEGORY::result, CATEGORY::safesearch, CATEGORY::lookup
CLASSIFICATION CLASSIFICATION::app, CLASSIFICATION::category, CLASSIFICATION::disable, CLASSIFICATION::enable, CLASSIFICATION::protocol, CLASSIFICATION::result, CLASSIFICATION::urlcat, CLASSIFICATION::username
CLASSIFY CLASSIFY::application, CLASSIFY::category, CLASSIFY::defer, CLASSIFY::urlcat
COMPRESS COMPRESS::buffer_size, COMPRESS::disable, COMPRESS::enable, COMPRESS::gzip, COMPRESS::method
CRYPTO CRYPTO::decrypt, CRYPTO::encrypt, CRYPTO::hash, CRYPTO::keygen, CRYPTO::sign, CRYPTO::verify
DATAGRAM DATAGRAM::dns, DATAGRAM::ip, DATAGRAM::ip6, DATAGRAM::l2, DATAGRAM::tcp, DATAGRAM::udp
DHCP DHCP::version, DHCPv4::hlen, DHCPv4::htype, DHCPv4::chaddr, DHCPv4::ciaddr, DHCPv4::drop, DHCPv4::giaddr, DHCPv4::hops, DHCPv4::len, DHCPv4::opcode, DHCPv4::option, DHCPv4::reject, DHCPv4::secs, DHCPv4::siaddr, DHCPv4::type, DHCPv4::xid, DHCPv4::yiaddr, DHCPv6::drop, DHCPv6::hop_count, DHCPv6::len, DHCPv6::link_address, DHCPv6::msg_type, DHCPv6::option , DHCPv6::peer_address, DHCPv6::reject, DHCPv6::transaction_id
DIAMETER DIAMETER::avp, DIAMETER::command, DIAMETER::disconnect, DIAMETER::drop, DIAMETER::header, DIAMETER::host, DIAMETER::is_request, DIAMETER::is_response, DIAMETER::is_retransmission, DIAMETER::length, DIAMETER::message, DIAMETER::payload, DIAMETER::persist, DIAMETER::realm, DIAMETER::respond, DIAMETER::result, DIAMETER::retransmission, DIAMETER::retransmission_default, DIAMETER::retransmission_reason, DIAMETER::retransmit, DIAMETER::retry, DIAMETER::route_status, DIAMETER::session, DIAMETER::state
DNS DNS::additional, DNS::answer, DNS::authority, DNS::class, DNS::disable, DNS::drop, DNS::edns0, DNS::enable, DNS::header, DNS::is_wideip, DNS::last_act, DNS::len, DNS::name, DNS::origin, DNS::ptype, DNS::query, DNS::question, DNS::rdata, DNS::return, DNS::rr, DNS::rrname, DNS::rrtype, DNS::scrape, DNS::tsig, DNS::ttl, DNS::type, whereis
DNSMSG DNSMSG::header, DNSMSG::record, DNSMSG::section
DOSL7 DOSL7::disable, DOSL7::enable, DOSL7::health, DOSL7::is_ip_slowdown, DOSL7::is_mitigated, DOSL7::profile
DSLITE DSLITE::remote_addr
ECA ECA::disable, ECA::domainname, ECA::enable, ECA::metadata, ECA::status, ECA::username
FIX BIGPROTO::enable_fix_reset, FIX::tag
FLOW FLOW::create_related, FLOW::idle_duration, FLOW::idle_timeout, FLOW::peer, FLOW::priority, FLOW::refresh, FLOW::this
FLOWTABLE FLOWTABLE::count, FLOWTABLE::limit
FTP FTP::allow_active_mode, FTP::disable, FTP::enable, FTP::enforce_tls_session_reuse, FTP::ftps_mode, FTP::port
GENERICMESSAGE GENERICMESSAGE::message, GENERICMESSAGE::peer, GENERICMESSAGE::route
GLOBAL accumulate, ACL::eval, active_members, active_nodes, after, b64decode, b64encode, BIGTCP::release_flow, call, CATEGORY::lookup, class, client_addr, client_port, clientside, clone, CONNECTOR::disable, CONNECTOR::enable, cpu, crc32, decode_uri, DECOMPRESS::disable, DECOMPRESS::enable, DEMANGLE::disable, DEMANGLE::enable, discard, DNSMSG::header, DNSMSG::record, DNSMSG::section, domain, drop, event, findclass, findstr, forward, FTP::port, getfield, HA::status, htonl, htons, http_cookie, http_header, http_host, http_method, http_uri, http_version, ifile, imid, ip_addr, ip_protocol, ip_tos, ip_ttl, lasthop, link_qos, listen, llookup, local_addr, log, matchclass, matchregion, md5, members, nexthop, node, nodes, ntohl, ntohs, Operators, peer, pem_dtos, persist, pool, priority, rateclass, redirect, reject, relate_client, relate_server, remote_addr, RESOLV::lookup, RESOLVER::summarize, RESOLVER::name_lookup, REST::send, return, rmd160, server_addr, server_port, serverside, session, sha1, sha256, sha384, sha512, sharedvar, snat, snatpool, substr, table, tcl_platform, timing, TMM::cmp_count, TMM::cmp_group, TMM::cmp_unit, traffic_group, translate, urlcatblindquery, urlcatquery, use, VALIDATE::protocol, virtual, vlan_id, when, whereis
GTM discard, DNS::additional, DNS::answer, DNS::authority, DNS::class, DNS::disable, DNS::drop, DNS::edns0, DNS::enable, DNS::header, DNS::last_act, DNS::len, DNS::name, DNS::origin, DNS::ptype, DNS::query, DNS::question, DNS::rdata, DNS::return, DNS::rr, IP::client_addr
GTP GTP::discard, GTP::header, GTP::header extension, GTP::ie, GTP::length, GTP::message, GTP::payload, GTP::tunnel
HA HA::status
High Speed Logging HSL::open, HSL::send
HTML HTML::comment , HTML::disable, HTML::enable, HTML::tag, HTML::tag attribute
HTTP HTTP::class, HTTP::close, HTTP::collect, HTTP::cookie, HTTP::disable, HTTP::enable, HTTP::fallback, HTTP::has_responded, HTTP::header, HTTP::host, HTTP::hsts, HTTP::is_keepalive, HTTP::is_redirect, HTTP::method, HTTP::passthrough_reason, HTTP::password, HTTP::path, HTTP::payload, HTTP::proxy, HTTP::query, HTTP::redirect, HTTP::reject_reason, HTTP::release, HTTP::request, HTTP::request_num, HTTP::respond, HTTP::retry, HTTP::status, HTTP::uri, HTTP::username, HTTP::version
HTTP2 HTTP2::active, HTTP2::disable, HTTP2::disconnect, HTTP2::enable, HTTP2::push, HTTP2::requests, HTTP2::stream, HTTP2::version, HTTP2::concurrency
ICAP ICAP::header, ICAP::method, ICAP::status, ICAP::uri
ILX ILX::call, ILX::init, ILX::notify
IMAP IMAP::activation_mode, IMAP::disable, IMAP::enable
IP IP::addr, IP::client_addr, IP::hops, IP::idle_timeout, IP::intelligence, IP::local_addr, IP::protocol, IP::remote_addr, IP::server_addr, IP::stats, IP::tos, IP::ttl, IP::version, IP::reputation
IPFIX IPFIX::destination, IPFIX::msg, IPFIX::template
ISESSION ISESSION::deduplication
iStats ISTATS::remove, ISTATS::get, ISTATS::incr, ISTATS::set
IVS IVS_ENTRY::result
L7CHECK L7CHECK::protocol
LB LB::bias, LB::class, LB::command, LB::connect, LB::connlimit, LB::context_id, LB::detach, LB::down, LB::dst_tag, LB::enable_decisionlog, LB::mode, LB::persist, LB::prime, LB::reselect, LB::select, LB::server, LB::snat, LB::src_tag, LB::status, LB::up, LB::queue
LINK LINK::lasthop, LINK::nexthop, LINK::qos, LINK::vlan_id
LSN LSN::inbound-entry, LSN::address, LSN::disable, LSN::inbound, LSN::persistence, LSN::persistence-entry, LSN::pool, LSN::port
MESSAGE MESSAGE::field, MESSAGE::proto, MESSAGE::type
MQTT MQTT::clean_session, MQTT::client_id, MQTT::collect, MQTT::disable, MQTT::disconnect, MQTT::drop, MQTT::dup, MQTT::enable, MQTT::insert, MQTT::keep_alive, MQTT::length, MQTT::message, MQTT::packet_id, MQTT::password, MQTT::payload, MQTT::protocol_name, MQTT::protocol_version, MQTT::qos, MQTT::release, MQTT::replace, MQTT::respond, MQTT::retain, MQTT::return_code, MQTT::return_code_list, MQTT::session_present, MQTT::topic, MQTT::type, MQTT::username, MQTT::will
MR MR::collect, MR::connect_back_port, MR::connection_instance, MR::connection_mode, MR::equivalent_transport, MR::flow_id, MR::ignore_peer_port, MR::instance, MR::max_retries, MR::message, MR::payload, MR::peer, MR::prime, MR::protocol, MR::release, MR::restore, MR::retry, MR::return, MR::store, MR::stream, MR::transport
NAME Deprecated NAME::lookup, NAME::response
NSH NSH::context, NSH::mimic, NSH::path_id, NSH::service_index
NTLM NTLM::disable, NTLM::enable
ONECONNECT ONECONNECT::detach, ONECONNECT::label, ONECONNECT::reuse
PCP PCP::reject, PCP::request, PCP::response
PEM PEM::disable, PEM::enable, PEM::flow, PEM::policy, PEM::session, pem_dtos, PEM::subscriber, urlcatquery
POLICY POLICY::controls, POLICY::names, POLICY::rules, POLICY::targets
POP3 POP3::activation_mode, POP3::disable, POP3::enable
PROFILE PROFILE::access, PROFILE::auth, PROFILE::clientssl, PROFILE::diameter, PROFILE::exists, PROFILE::fasthttp, PROFILE::fastL4, PROFILE::ftp, PROFILE::http, PROFILE::httpclass, PROFILE::oneconnect, PROFILE::persist, PROFILE::serverssl, PROFILE::stream, PROFILE::tcp, PROFILE::udp, PROFILE::xml, PROFILE::httpcompression, PROFILE::webacceleration
PSC PSC::attr, PSC::auth_user_name, PSC::calling_id, PSC::imeisv, PSC::imsi, PSC::ip_address, PSC::lease_time, PSC::policy, PSC::subscriber_id, PSC::tower_id, PSC::user_name
QOE QOE::disable, QOE::enable, QOE::video
RADIUS RADIUS::avp, RADIUS::code, RADIUS::id, RADIUS::rtdom
RESOLV RESOLV::lookup
RESOLVER RESOLVER::summarize, RESOLVER::name_lookup
REWRITE REWRITE::disable, REWRITE::enable, REWRITE::payload, REWRITE::post_process
ROUTE ROUTE::age, ROUTE::bandwidth, ROUTE::clear, ROUTE::cwnd, ROUTE::domain, ROUTE::expiration, ROUTE::mtu, ROUTE::rtt, ROUTE::rttvar
RTSP RTSP::collect, RTSP::header, RTSP::method, RTSP::msg_source, RTSP::payload, RTSP::release, RTSP::respond, RTSP::status, RTSP::uri, RTSP::version
SCTP SCTP::client_port, SCTP::collect, SCTP::local_port, SCTP::mss, SCTP::payload, SCTP::ppi, SCTP::release, SCTP::remote_port, SCTP::respond, SCTP::rto_initial, SCTP::rto_max, SCTP::rto_min, SCTP::sack_timeout, SCTP::server_port
SDP SDP::field, SDP::media, SDP::session_id
SIDEBAND close, connect, connect info, recv, send
SIP SIP::call_id, SIP::discard, SIP::from, SIP::header, SIP::message, SIP::method, SIP::payload, SIP::persist, SIP::respond, SIP::response, SIP::route_status, SIP::to, SIP::uri, SIP::via
SMTPS SMTPS::activation_mode, SMTPS::disable, SMTPS::enable
SOCKS SOCKS::allowed, SOCKS::destination, SOCKS::version
SPDY SPDY::active, SPDY::disconnect, SPDY::priority, SPDY::requests, SPDY::stream, SPDY::streamid, SPDY::version, SPDY::concurrency
SSL SSL::allow_dynamic_record_sizing, SSL::authenticate, SSL::cert, SSL::cipher, SSL::clientrandom, SSL::collect, SSL::disable, SSL::enable, SSL::extensions, SSL::forward_proxy, SSL::handshake, SSL::is_renegotiation_secure, SSL::maximum_record_size, SSL::mode, SSL::modssl_sessionid_headers, SSL::nextproto, SSL::payload, SSL::profile, SSL::release, SSL::renegotiate, SSL::respond, SSL::secure_renegotiation, SSL::session, SSL::sessionid, SSL::sessionsecret, SSL::sessionticket, SSL::sni, SSL::unclean_shutdown, SSL::verify_result
STATS STATS::get, STATS::incr, STATS::set, STATS::setmax, STATS::setmin
STREAM STREAM::disable, STREAM::enable, STREAM::encoding, STREAM::expression, STREAM::match, STREAM::max_matchsize, STREAM::replace
TCP TCP::abc, TCP::analytics, TCP::autowin, TCP::bandwidth, TCP::client_port, TCP::close, TCP::collect, TCP::congestion, TCP::delayed_ack, TCP::dsack, TCP::earlyrxmit, TCP::ecn, TCP::enhanced_loss_recovery, TCP::idletime, TCP::limxmit, TCP::local_port, TCP::lossfilter, TCP::lossfilterburst, TCP::lossfilterrate, TCP::mss, TCP::nagle, TCP::naglemode, TCP::naglestate, TCP::notify, TCP::offset, TCP::option, TCP::pacing, TCP::payload, TCP::proxybuffer, TCP::proxybufferhigh, TCP::proxybufferlow, TCP::push_flag, TCP::rcv_scale, TCP::rcv_size, TCP::recvwnd, TCP::release, TCP::remote_port, TCP::respond, TCP::rexmt_thresh, TCP::rt_metrics_timeout, TCP::rto, TCP::rtt, TCP::rttvar, TCP::sendbuf, TCP::server_port, TCP::setmss, TCP::snd_cwnd, TCP::snd_scale, TCP::snd_ssthresh, TCP::snd_wnd, TCP::unused_port
TMM TMM::cmp_count, TMM::cmp_group, TMM::cmp_primary_group, TMM::cmp_unit
UDP UDP::client_port, UDP::debug_queue, UDP::drop, UDP::hold, UDP::local_port, UDP::max_rate, UDP::mss, UDP::payload, UDP::release, UDP::remote_port, UDP::respond, UDP::sendbuffer, UDP::server_port, UDP::unused_port
URI URI::basename, URI::compare, URI::decode, URI::encode, URI::host, URI::path, URI::port, URI::protocol, URI::query
WAM WAM::disable, WAM::enable
WEBSSO WEBSSO::disable, WEBSSO::enable, WEBSSO::select
WS WS::collect, WS::disconnect, WS::enabled, WS::frame, WS::masking, WS::message, WS::payload, WS::release, WS::request, WS::response
X509 X509::cert_fields, X509::extensions, X509::hash, X509::issuer, X509::not_valid_after, X509::not_valid_before, X509::serial_number, X509::signature_algorithm, X509::subject, X509::subject_public_key, X509::subject_public_key_RSA_bits, X509::subject_public_key_type, X509::verify_cert_error_string, X509::version, X509::whole
XLAT XLAT::listen, XLAT::listen_lifetime, XLAT::src_addr, XLAT::src_config, XLAT::src_endpoint_reservation, XLAT::src_nat_valid_range, XLAT::src_port
XML XML::address, XML::collect, XML::element, XML::event, XML::eventid, XML::parse, XML::release, XML::soap, XML::subscribe

AAA

  • AAA::acct_result - used to check whether the accounting information is sent successfully to IVS or not
  • AAA::acct_send - used to send user accouting information to IVS virtual
  • AAA::auth_result - used to check whether the authentication information is sent successfully to IVS or not
  • AAA::auth_send - used to send user authentication information to IVS virtual

ACCESS

  • ACCESS::acl - Poll or enforce ACLs in your connections
  • ACCESS::disable - Control enforcement for a particular request URI
  • ACCESS::enable - enables the access control enforcement for a particular request URI
  • ACCESS::flowid - set/get the flow id for SSL Orchestrator using APM logging framework
  • ACCESS::log - logs a message using APM logging framework
  • ACCESS::oauth - returns a JSON Web Signature token
  • ACCESS::perflow - String of perflow variable; empty if value isn’t set
  • ACCESS::policy - Return information about access policies
  • ACCESS::respond - This command generates new respond and automatically overrides the default respond.
  • ACCESS::restrict_irule_events - Enable or disable HTTP and higher layer iRule events for the internal APM access control URIs
  • ACCESS::saml - allows you to retrieve or manipulate SAML related messages
  • ACCESS::session - Access or manipulate session information.
  • ACCESS::user - Returns user ID information
  • ACCESS::uuid - enumerates the session IDs that belongs to a specified uuid key by the order of its creation and provides them in a Tcl list
  • ACCESS2::access2_proc - return the TCL procedure registered for currently executing per-request policy expression.

ACL


ADAPT


ADM


AES

  • AES::decrypt - Decrypt the data using the previously-created AES key.
  • AES::encrypt - Encrypt the data using the previously-created AES key.
  • AES::key - Creates an AES key to encrypt/decrypt data.

ANTIFRAUD


APM

  • ACCESS::acl - Poll or enforce ACLs in your connections
  • ACCESS::disable - Control enforcement for a particular request URI
  • ACCESS::enable - enables the access control enforcement for a particular request URI
  • ACCESS::log - logs a message using APM logging framework
  • ACCESS::oauth - returns a JSON Web Signature token
  • ACCESS::policy - Return information about access policies
  • ACCESS::respond - This command generates new respond and automatically overrides the default respond.
  • ACCESS::restrict_irule_events - Enable or disable HTTP and higher layer iRule events for the internal APM access control URIs
  • ACCESS::session - Access or manipulate session information.
  • ACCESS::user - Returns user ID information
  • ACCESS::uuid - enumerates the session IDs that belongs to a specified uuid key by the order of its creation and provides them in a Tcl list
  • REWRITE::disable - Changes the REWRITE plugin from full patching mode to passthrough mode.
  • REWRITE::enable - Changes the REWRITE plugin from passthrough to full patching mode.
  • REWRITE::payload - Queries for or manipulates REWRITE payload.
  • REWRITE::post_process - Toggle post processing functionality
  • WEBSSO::disable - Forwards a request without doing SSO processing on it.
  • WEBSSO::enable - Causes APM to do the SSO processing on a request.
  • WEBSSO::select - Use specified SSO configuration object to do SSO for the HTTP request

ASM

  • ASM::client_ip - Returns the IP address of the end client that sent the present request
  • ASM::disable - Disables plugin processing on the connection.
  • ASM::enable - Enables plugin processing on the connection.
  • ASM::fingerprint - returns the FP id if available
  • ASM::payload - This command retrieves or replaces the payload collected by ASM.
  • ASM::raise - Issues a user-defined violation on the present request
  • ASM::severity - Returns the overall severity of the violations found in the transaction (both request and response)
  • ASM::signature - returns the list of signatures
  • ASM::status - Returns the current status of the request or response
  • ASM::support_id - Returns the support id of the present HTTP transaction
  • ASM::unblock - Overrides the blocking action for a request that had blocking violation
  • ASM::violation - Returns the list of violations found in the present request or response together with details on each one
  • ASM::violation_data - This command exposes violation data using a multiple buffers instance
  • DOSL7::disable - Disables blocking and detection of DoS attacks according to the ASM security policy configuration
  • DOSL7::enable - Enables blocking and detection of DoS attacks according to the ASM security policy configuration
  • DOSL7::profile - returns the DOS profile from which the L7-DoS policy is extracted

ASN1


AUTH


AVR


BOTDEFENSE


BWC

  • BWC::color - allows a category assignment to dynamic policies
  • BWC::mark - assign tos and qos values to a flow
  • BWC::measure - start or stop measurement on a per policy or on a per flow basis
  • BWC::policy - Attach/Detach a bandwidth policy to a flow
  • BWC::pps - allows modification of the packets per second for the session
  • BWC::priority - map a policy instance or category to a priority class of a priority group
  • BWC::rate - allows for a different bandwidth be set on dynamic policies

CACHE

  • CACHE::accept_encoding - Overrides the accept_encoding value used by the cache to store the cached content.
  • CACHE::age - Returns the age of the document in the cache.
  • CACHE::disable - Disables the caching for this request.
  • CACHE::enable - Forces the document to be cached.
  • CACHE::expire - Forces the document to be revalidated from the server.
  • CACHE::header - Get the content of an Header related to an object stored in the RamCache.
  • CACHE::headers - Returns the HTTP headers of the cache response.
  • CACHE::hits - Returns the document cache hits.
  • CACHE::payload - Returns the HTTP payload of the cache response.
  • CACHE::priority - Adds a priority to cached documents.
  • CACHE::trace - Dump the list of cached objects for a HTTP profile where RAM cache is enabled.
  • CACHE::uri - Overrides the URI value used by the cache to store the cached content.
  • CACHE::useragent - Overrides the useragent value used by the cache to reference the cached content.
  • CACHE::userkey - Allows users to add user-defined values to the key used by the cache to reference the cached content.

CATEGORY


CLASSIFICATION


CLASSIFY


COMPRESS


CRYPTO


DATAGRAM


DHCP


DIAMETER


DNS

  • DNS::additional - returns, inserts, removes, or clears RRs from the additional section.
  • DNS::answer - returns, inserts, removes, or clears all RRs from the answer section.
  • DNS::authority - returns, inserts, removes, or clears RRs from the authority section.
  • DNS::class - gets or sets the resource record class field
  • DNS::disable - sets the service state to disabled for the current dns packet.
  • DNS::drop - Drops the current DNS packet after the execution of the event.
  • DNS::edns0 - gets (v11.0+) and sets (v11.1+) the values of the edns0 pseudo-RR
  • DNS::enable - sets the service state to enabled for the current dns packet.
  • DNS::header - gets (v11.0+) or sets (v11.1+) simple bits or byte fields.
  • DNS::is_wideip - returns status (true/false) if a string is a configured wide IP.
  • DNS::last_act - sets the action to perform if no DNS service handles this packet
  • DNS::len - returns the dns packet message length.
  • DNS::name - gets or sets the resource record name field
  • DNS::origin - returns the originator of the DNS message
  • DNS::ptype - returns the type of the DNS packet.
  • DNS::query - returns or constructs and sends a query to the DNS-Express database for a name and type
  • DNS::question - gets (v11.0+) or sets (v11.1+) the question field value
  • DNS::rdata - gets or sets the resource record rdata field
  • DNS::return - skips all further processing after TCL execution and sends the dns packet in the opposite direction.
  • DNS::rr - creates a new resource record object with specified attributes or as a complete string.
  • DNS::rrname - Returns the name requested by the client.
  • DNS::rrtype - Returns the resource record type requested by the client.
  • DNS::scrape - allows users to walk over a DNS message and parse out information from the packet based on user supplied arguments
  • DNS::tsig - manipulates the current DNS message and its TSIG resource record.
  • DNS::ttl - gets or sets the resource record ttl field
  • DNS::type - gets or sets the resource record type field
  • whereis - Returns geographical information on an IP address.

DOSL7

  • DOSL7::disable - Disables blocking and detection of DoS attacks according to the ASM security policy configuration
  • DOSL7::enable - Enables blocking and detection of DoS attacks according to the ASM security policy configuration
  • DOSL7::health - returns the DOSL7 server health value for current virtual server
  • DOSL7::is_ip_slowdown - returns TRUE if source IP exists in greylist table
  • DOSL7::is_mitigated - returns TRUE if certain HTTP request was mitigated
  • DOSL7::profile - returns the DOS profile from which the L7-DoS policy is extracted

DSLITE


ECA


FIX


FLOW


FLOWTABLE


FTP


GENERICMESSAGE


GLOBAL

  • accumulate - Terminates iRule processing until more data is received.
  • ACL::eval - enforces ACLs in your connections
  • active_members - Returns the number or list of active members in the specified pool.
  • active_nodes - Returns the alias for active members of the specified pool (for BIG-IP version 4.X compatibility).
  • after - Execute iRules code after a set period of delay.
  • b64decode - Returns a string that is base-64 decoded
  • b64encode - Returns a string that is base-64 encoded. or if an error occurs. an empty string.
  • BIGTCP::release_flow - Transition layer 7 FIX message to layer 4
  • call - Call an iRule procedure
  • CATEGORY::lookup - returns the category of the supplied URL
  • class - Advanced access of classes
  • client_addr - Returns the client IP address of a connection.
  • client_port - Returns the TCP port number/service of the specified client.
  • clientside - Causes the specified iRule commands to be evaluated under the client-side context.
  • clone - Causes the system to clone traffic to the specified pool or pool member regardless of monitor status.
  • CONNECTOR::disable - disables all the connectors on chain
  • CONNECTOR::enable - enables all the connectors on chain
  • cpu - The cpu usage command returns the average TMM cpu load for the given interval.
  • crc32 - Returns the crc32 checksum for the specified string.
  • decode_uri - Decodes the specified string using HTTP URI encoding.
  • DECOMPRESS::disable - Disable DECOMPRESS feature on current flow.
  • DECOMPRESS::enable - Enable DECOMPRESS feature on current flow.
  • DEMANGLE::disable -
  • DEMANGLE::enable -
  • discard - Causes the current packet or connection to be dropped/discarded. Same as the drop command.
  • DNSMSG::header -
  • DNSMSG::record -
  • DNSMSG::section -
  • domain - Parses the specified string as a dotted domain name and returns the last portions of the domain name.
  • drop - Causes the current packet or connection to be dropped/discarded. Same as the discard command.
  • event - Enables or disables evaluation of the specified iRule event. or all iRule events. on this connection.
  • findclass - Searches a data group list for a member that starts with a specified string and returns the data-group member string.
  • findstr - Finds a string within another string and returns the string starting at the offset specified from the match.
  • forward - Sets the connection to forward IP packets.
  • FTP::port - allows restriction of FTP ephemeral ports
  • getfield - Splits a string on a character or string. and returns the string corresponding to the specific field.
  • HA::status - Returns true or false based on whether the unit the command is executed on is active or standby
  • htonl - Convert the unsigned integer from host byte order to network byte order.
  • htons - Convert the unsigned short integer from host byte order to network byte order.
  • http_cookie - Specifies the value in the Cookie: header.
  • http_header - Evaluates the string following an HTTP header tag that you specify.
  • http_host - Specifies the value in the Host: header of the HTTP request.
  • http_method - Specifies the action of the HTTP request.
  • http_uri - Specifies a URI.
  • http_version - Specifies the HTTP protocol version.
  • ifile - returns content and attributes from external files on the BIG-IP system
  • imid - Returns an i-mode identifier string.
  • ip_addr - Returns the IP address of a tmm, tmm interface, localhost, etc
  • ip_protocol - Returns the IP protocol value.
  • ip_tos - Returns the ToS level of a packet.
  • ip_ttl - Returns the TTL of the latest IP packet received.
  • lasthop - Sets the lasthop of an IP connection.
  • link_qos - Returns the QoS level.
  • listen - Sets up a related ephemeral listener to allow an incoming related connection to be established.
  • llookup - returns a list of values corresponding to the given key
  • local_addr - Deprecated: Use IP::local_addr instead
  • log - Generates and logs a message to the syslog-ng utility.
  • matchclass - Performs comparison against the contents of data group.
  • matchregion - Returns true/false if specified region is matched.
  • md5 - Returns the RSA MD5 Message Digest Algorithm message digest of the specified string.
  • members - List all members of a given pool for v10.x.x
  • nexthop - Sets the nexthop of an IP connection.
  • node - Sends the packet directly to the identified server node.
  • nodes - List all nodes within a given pool
  • ntohl - Convert the unsigned integer from network byte order to host byte order.
  • ntohs - Convert the unsigned short integer from network byte order to host byte order.
  • Operators - iRules operators
  • peer - Causes the specified iRule commands to be evaluated under the peer’s (opposite) context.
  • pem_dtos - Query the TAC DB for IMEI value
  • persist - Causes the system to use the named persistence type to persist the connection.
  • pool - Causes the system to load balance traffic to the specified pool or pool member regardless of monitor status.
  • priority - The priority command is used to set the order that like iRule events are executed.
  • rateclass - Causes the system to select the specified rate class to use when transmitting packets.
  • redirect - Redirects an HTTP request to a specific location.
  • reject - Causes the connection to be rejected.
  • relate_client - Sets up a related established connection.
  • relate_server - Sets up a related established connection.
  • remote_addr - Deprecated: Use IP::remote_addr instead
  • RESOLV::lookup - Performs a DNS query for A or PTR records corresponding to a hostname or IP address.
  • RESOLVER::summarize -
  • RESOLVER::name_lookup -
  • REST::send - Send a rest request locally to the Big-IP REST Framework
  • return - Causes immediate exit from the currently executing event in the currently executing iRule.
  • rmd160 - Returns the RIPEMD-160 message digest of the specified string.
  • server_addr - Returns the IP address of the server.
  • server_port - Returns the TCP port/service number of the specified server.
  • serverside - Causes the specified iRule command to be evaluated under the server-side context.
  • session - Utilizes the persistence table to store arbitrary information based on the same keys as persistence.
  • sha1 - Returns the SHA version 1.0 message digest of the specified string.
  • sha256 - Returns the Secure Hash Algorithm (SHA2) 256-bit message digest of the specified string.
  • sha384 - Returns the Secure Hash Algorithm (SHA2) 384-bit message digest of the specified string.
  • sha512 - Returns the Secure Hash Algorithm (SHA2) 512-bit message digest of the specified string.
  • sharedvar - Allows a variable to be accessed in both sides of a VIP-targetting-VIP
  • snat - Causes the LTM system to assign the specified translation address to the current connection.
  • snatpool - Causes the specified pool of addresses to be used as translation addresses to create a SNAT.
  • substr - A custom iRule function which returns a substring from a string
  • table - The table command provides enhanced access to the session table
  • tcl_platform - A variable that contains platform specific information
  • timing - Enable and disable iRule timing statistics.
  • TMM::cmp_count - Provides the active number of TMM instances running.
  • TMM::cmp_group - Returns the number (0-x) of the group of the CPU executing the rule. Typically a group refers to the blade number on a chassis system. and is always 0 on other platforms.
  • TMM::cmp_unit - Returns the number (0-x) of the CPU executing the rule.
  • traffic_group - returns the current traffic group
  • translate - Enables, disables, or queries (as specified) destination address or port translation
  • urlcatblindquery - Query the encrypted URL for URL categorization
  • urlcatquery - Query the URL for URL categorization
  • use - A BIG-IP 4.X statement. provided for backward-compatibility.
  • VALIDATE::protocol - allows you to validate payload (traffic) to match given classification application
  • virtual - Return the name of the associated virtual server or selects another virtual server.
  • vlan_id - Returns the VLAN tag of the packet.
  • when - Used to specify an event in an iRule.
  • whereis - Returns geographical information on an IP address.

GTM

  • discard - Causes the current packet or connection to be dropped/discarded. Same as the drop command.
  • DNS::additional - returns, inserts, removes, or clears RRs from the additional section.
  • DNS::answer - returns, inserts, removes, or clears all RRs from the answer section.
  • DNS::authority - returns, inserts, removes, or clears RRs from the authority section.
  • DNS::class - gets or sets the resource record class field
  • DNS::disable - sets the service state to disabled for the current dns packet.
  • DNS::drop - Drops the current DNS packet after the execution of the event.
  • DNS::edns0 - gets (v11.0+) and sets (v11.1+) the values of the edns0 pseudo-RR
  • DNS::enable - sets the service state to enabled for the current dns packet.
  • DNS::header - gets (v11.0+) or sets (v11.1+) simple bits or byte fields.
  • DNS::last_act - sets the action to perform if no DNS service handles this packet
  • DNS::len - returns the dns packet message length.
  • DNS::name - gets or sets the resource record name field
  • DNS::origin - returns the originator of the DNS message
  • DNS::ptype - returns the type of the DNS packet.
  • DNS::query - returns or constructs and sends a query to the DNS-Express database for a name and type
  • DNS::question - gets (v11.0+) or sets (v11.1+) the question field value
  • DNS::rdata - gets or sets the resource record rdata field
  • DNS::return - skips all further processing after TCL execution and sends the dns packet in the opposite direction.
  • DNS::rr - creates a new resource record object with specified attributes or as a complete string.
  • IP::client_addr - Returns the client IP address of a connection

GTP

  • GTP::discard - Discards the current message
  • GTP::header - Allows for the parsing of GTP header information.
  • GTP::header extension - The extension headers are identified by unique type values. The type can be appended with index, if multiple headers of same type are expected.
  • GTP::ie - This set of commands allows for the parsing and interpretation of GTP IE elements.
  • GTP::length - This value is returned as read from the message header.
  • GTP::message - Returns the entire GTP message.
  • GTP::payload - Returns the entire payload for G-PDU message. This command returns an empty value, in case of non-G-PDU messages.
  • GTP::tunnel - These commands parse the payload of G-PDU as IP datagram and return the values from IP header and TCP/UDP header.

HA

  • HA::status - Returns true or false based on whether the unit the command is executed on is active or standby

High Speed Logging

  • HSL::open - Open a handle for High Speed Logging communication
  • HSL::send - Send data via High Speed Logging

HTML

  • HTML::comment - Queries, removes HTML comment or appends/prepends it by a string.
  • HTML::disable - Disables the processing of HTML for this transaction.
  • HTML::enable - Enables the processing of HTML for this transaction.
  • HTML::tag - Queries, removes HTML tag and appends/prepends string to it.
  • HTML::tag attribute - Queries, removes and changes attribute/value pairs of this HTML tag.

HTTP

  • HTTP::class - Returns or sets the HTTP class selected by the HTTP selector.
  • HTTP::close - Closes the HTTP connection.
  • HTTP::collect - Collects an amount of HTTP body data that you specify.
  • HTTP::cookie - Queries for or manipulates cookies in HTTP requests and responses.
  • HTTP::disable - Changes the HTTP filter from full parsing to passthrough mode.
  • HTTP::enable - Changes the HTTP filter from passthrough to full parsing mode.
  • HTTP::fallback - Specifies or overrides a fallback host specified in the HTTP profile.
  • HTTP::has_responded - returns true if this HTTP transaction has been prematurely completed by an iRule command or other filter logic
  • HTTP::header - Queries or modifies HTTP headers.
  • HTTP::host - Returns the value of the HTTP Host header
  • HTTP::hsts - controls HTTP Strict Transport Security
  • HTTP::is_keepalive - Returns a true value if this is a Keep-Alive connection.
  • HTTP::is_redirect - Returns a true value if the response is a redirect.
  • HTTP::method - Returns the type of HTTP request method.
  • HTTP::passthrough_reason - returns the reason for the most recent switch to pass-through mode by the HTTP filter
  • HTTP::password - Returns the password part of HTTP basic authentication.
  • HTTP::path - Returns or sets the path part of the HTTP request.
  • HTTP::payload - Queries for or manipulates HTTP payload information.
  • HTTP::proxy - controls whether the BIG-IP will handle the proxy of the connection locally or send it to a downstream pool
  • HTTP::query - Returns the query part of the HTTP request.
  • HTTP::redirect - Redirects an HTTP request or response to the specified URL.
  • HTTP::reject_reason - returns the reason HTTP is aborting
  • HTTP::release - Releases the data collected via HTTP::collect.
  • HTTP::request - Returns the raw HTTP request headers.
  • HTTP::request_num - Returns the number of HTTP requests that a client made on the connection.
  • HTTP::respond - Generates a response to the client as if it came from the server.
  • HTTP::retry - Resends a request to a server.
  • HTTP::status - Returns the response status code.
  • HTTP::uri - Returns or sets the URI part of the HTTP request.
  • HTTP::username - Returns the username part of HTTP basic authentication.
  • HTTP::version - Returns or sets the HTTP version of the request or response.

HTTP2

  • HTTP2::active - used to determine if a request is generated by HTTP/2
  • HTTP2::disable - changes the HTTP2 filter from full parsing to passthrough mode
  • HTTP2::disconnect - allows you to cleanly terminate the current HTTP/2 session
  • HTTP2::enable - changes the HTTP2 filter from passthrough to full parsing mode
  • HTTP2::push - accepts a resource as a parameter that can be pushed to the client using PUSH_PROMISE frames
  • HTTP2::requests - used to determine the count of requests received in the current HTTP/2 session
  • HTTP2::stream - Gets or sets the stream attributes including id and priority
  • HTTP2::version - used to determine the HTTP/2 protocol version used
  • HTTP2::concurrency - used to determine the number of active concurrent streams in the current HTTP/2 session

ICAP


ILX

  • ILX::call - Invokes the specified node method
  • ILX::init - Establishes a communication path from an iRule to the node process.
  • ILX::notify - Sends a message to the specified node method but does not wait for a response

IMAP


IP

  • IP::addr - Performs comparison of IP address/subnet/supernet to IP address/subnet/supernet. or parses 4 binary bytes into an IPv4 dotted quad address.
  • IP::client_addr - Returns the client IP address of a connection
  • IP::hops - Gives you the estimated number of hops the peer takes to get to you.
  • IP::idle_timeout - Returns or sets the idle timeout value.
  • IP::intelligence - returns a Tcl list of IP intelligence category names for a given IP address
  • IP::local_addr - Returns the IP address of the virtual server the client is connected to or the self-ip LTM is connected from.
  • IP::protocol - Returns the IP protocol value.
  • IP::remote_addr - Returns the IP address of the host on the far end of the connection.
  • IP::server_addr - Returns the server’s IP address.
  • IP::stats - Supplies information about the number of packets or bytes being sent or received in a given connection.
  • IP::tos - Returns the ToS value encoded within a packet.
  • IP::ttl - Returns the TTL of the latest IP packet received.
  • IP::version - Returns the IP version of a connection
  • IP::reputation - Looks up the supplied IP address in the IP intelligence (reputation) database and returns a TCL list containing reputation categories

IPFIX

  • IPFIX::destination - open and close IPFIX logging destinations
  • IPFIX::msg - create, delete and set data values in an IPFIX message based on the provided IPFIX_TEMPLATE.
  • IPFIX::template - create and delete user defined IPFIX message templates

ISESSION


iStats


IVS


L7CHECK


LB

  • LB::bias -
  • LB::class - Provides the name of the traffic class that matched the connection
  • LB::command - To be completed
  • LB::connect -
  • LB::connlimit - set the connection limit for virtual/node/poolmember
  • LB::context_id - Assigns the current connection to named context.
  • LB::detach - Disconnects the server side connection
  • LB::down - Sets the status of a node or pool member as being down.
  • LB::dst_tag - Sets the destination tag for the current request
  • LB::enable_decisionlog - enables LTM decision logging
  • LB::mode - Sets the load balancing mode
  • LB::persist - Forces a persistence record lookup and returns the result
  • LB::prime - Sets up serverside connections before client traffic comes
  • LB::reselect - Selects the next available member in the current pool, based on pool Load Balancing options
  • LB::select - Forces a load balancing selection and returns the result
  • LB::server - Returns information about the currently selected server
  • LB::snat - Returns information on the SNAT configuration of the virtual server.
  • LB::src_tag - Sets the source tag for the current request
  • LB::status - Returns the status of a node address or pool member.
  • LB::up - Sets the status of a node or pool member as being up.
  • LB::queue - Returns queue information

LSN


MESSAGE


MQTT


MR

  • MR::collect - collect the specified amount of MR message payload data.
  • MR::connect_back_port - gets or sets connect_back_port for the current connection
  • MR::connection_instance - returns the connection instance and the number of connections
  • MR::connection_mode - returns the connection mode of the current connection
  • MR::equivalent_transport - gets or sets the transport that is usable as an equivalent transport
  • MR::flow_id - returns a unique identifier for the current connection
  • MR::ignore_peer_port - sets or resets the ignore_peer_port mode of the current connection
  • MR::instance - returns the name of the current mr_router instance
  • MR::max_retries - returns the number of retries allows for this router instance
  • MR::message - returns or sets details in the message routing table
  • MR::payload - returns the data collected using the MR::collect command
  • MR::peer - defines a peer to use for routing a message to
  • MR::prime - establishes an outgoing connection to the specified host or hosts using the specified transport
  • MR::protocol - returns ‘generic, ‘sip’ or ‘diameter’
  • MR::release - releases the data collected via MR::collect iRule command.
  • MR::restore - returns the stored variables to the current context tcl variable store
  • MR::retry - sends the current message to the router for routing
  • MR::return - returns the current message to the originating connection
  • MR::store - stores a tcl variable with the mr_message object
  • MR::stream - start egressing bytes previously collected and stored
  • MR::transport - returns the name and type (virtual or config) of the transport used to configure the current connection

NAME