GTM

Description

iRules commands and events for working with DNS queries on GTM.

Commands

Global

  • active_members - Returns the number or list of active members in the specified pool.
  • AES::decrypt - Decrypt the data using the previously-created AES key.
  • AES::encrypt - Encrypt the data using the previously-created AES key.
  • AES::key - Creates an AES key to encrypt/decrypt data.
  • b64decode - Returns a string that is base-64 decoded
  • b64encode - Returns a string that is base-64 encoded, or if an error occurs, an empty string.
  • class - Advanced access of classes
  • cname - Causes the specified name to be sent as a CNAME response.
  • cpu - The cpu usage command returns the average TMM cpu load for the given interval.
  • crc32 - Returns the crc32 checksum for the specified string.
  • discard - Causes the current packet or connection to be dropped/discarded. Same as the drop command.
  • DNS::additional - returns, inserts, removes, or clears RRs from the additional section.
  • DNS::answer - returns, inserts, removes, or clears all RRs from the answer section.
  • DNS::authority - returns, inserts, removes, or clears RRs from the authority section.
  • DNS::class - gets or sets the resource record class field
  • DNS::disable - sets the service state to disabled for the current dns packet.
  • DNS::drop - Drops the current DNS packet after the execution of the event.
  • DNS::edns0 - gets (v11.0+) and sets (v11.1+) the values of the edns0 pseudo-RR
  • DNS::enable - sets the service state to enabled for the current dns packet.
  • DNS::header - gets (v11.0+) or sets (v11.1+) simple bits or byte fields.
  • DNS::last_act - sets the action to perform if no DNS service handles this packet
  • DNS::len - returns the dns packet message length.
  • DNS::name - gets or sets the resource record name field
  • DNS::origin - returns the originator of the DNS message
  • DNS::ptype - returns the type of the DNS packet.
  • DNS::query - returns or constructs and sends a query to the DNS-Express database for a name and type
  • DNS::question - gets (v11.0+) or sets (v11.1+) the question field value
  • DNS::rdata - gets or sets the resource record rdata field
  • DNS::return - skips all further processing after TCL execution and sends the dns packet in the opposite direction.
  • DNS::rr - creates a new resource record object with specified attributes or as a complete string.
  • DNS::rrname - Returns the name requested by the client.
  • DNS::rrtype - Returns the resource record type requested by the client.
  • DNS::tsig - manipulates the current DNS message and its TSIG resource record.
  • domain - Parses the specified string as a dotted domain name and returns the last portions of the domain name.
  • drop - Causes the current packet or connection to be dropped/discarded. Same as the discard command.
  • findstr - Finds a string within another string and returns the string starting at the offset specified from the match.
  • GTM members - List all members of a given pool
  • GTM persist - Returns the persistence state value, when enabled. If you specify arguments, returns the previous state value.
  • host - Causes the specified server host to be used instead of load balancing.
  • HSL::open - Open a handle for High Speed Logging communication
  • HSL::send - Send data via High Speed Logging
  • htonl - Convert the unsigned integer from host byte order to network byte order.
  • htons - Convert the unsigned short integer from host byte order to network byte order.
  • ifile - returns content and attributes from external files on the BIG-IP system
  • log - Generates and logs a message to the syslog-ng utility.
  • matchregion - Returns true/false if specified region is matched.
  • md5 - Returns the RSA MD5 Message Digest Algorithm message digest of the specified string.
  • member_priority - Returns the priority of the specified pool member.
  • node - Sends the packet directly to the identified server node.
  • nodes_up - Returns the number of up nodes behind a virtual server.
  • ntohl - Convert the unsigned integer from network byte order to host byte order.
  • ntohs - Convert the unsigned short integer from network byte order to host byte order.
  • pool - Causes the system to load balance traffic to the specified pool or pool member regardless of monitor status.
  • pools - Returns the number of pools or a list of pools in the wideIP
  • qos_score - allows computation of qos_score for use in iRules
  • qos_weight - allows examination and manipulation of QoS weights
  • reject - Causes the connection to be rejected.
  • return - Causes immediate exit from the currently executing event in the currently executing iRule.
  • rmd160 - Returns the RIPEMD-160 message digest of the specified string.
  • server_port - Returns the TCP port/service number of the specified server.
  • sha1 - Returns the SHA version 1.0 message digest of the specified string.
  • sha256 - Returns the Secure Hash Algorithm (SHA2) 256-bit message digest of the specified string.
  • sha384 - Returns the Secure Hash Algorithm (SHA2) 384-bit message digest of the specified string.
  • sha512 - Returns the Secure Hash Algorithm (SHA2) 512-bit message digest of the specified string.
  • substr - A custom iRule function which returns a substring from a string
  • TMM::cmp_count - Provides the active number of TMM instances running.
  • TMM::cmp_group - Returns the number (0-x) of the group of the CPU executing the rule. Typically a group refers to the blade number on a chassis system, and is always 0 on other platforms.
  • TMM::cmp_unit - Returns the number (0-x) of the CPU executing the rule.
  • ttl - Overrides the default time-to-live value for DNS responses
  • uptime - Returns the number of seconds the local GTM has been up.
  • URI::basename - Extracts the basename part of a given uri string.
  • URI::compare - Compares two URIs for equality.
  • URI::decode - Returns a decoded version of a given URI.
  • URI::encode - Returns an encoded version of a given URI.
  • URI::host - Returns the host portion of a given URI.
  • URI::path - Returns the path portion of the given URI.
  • URI::port - Returns the host port from the given URI.
  • URI::protocol - Returns the protocol of the given URI.
  • URI::query - Returns the query string portion of the given URI or the value of a query string parameter.
  • whereami - Returns the datacenter name for the local GTM.
  • whereis - Returns geographical information on an IP address.
  • whoami - Returns the server name for the local GTM.
  • wideip - Returns information about the wideIP upon which the request arrived.
  • X509::cert_fields - Returns a list of X509 certificate fields to be added to HTTP headers for ModSSL behavior.
  • X509::extensions - Returns the X509 extensions set on an X509 certificate.
  • X509::hash - Returns the MD5 hash (fingerprint) of an X509 certificate.
  • X509::issuer - Returns the issuer of an X509 certificate.
  • X509::not_valid_after - Returns the not-valid-after date of an X509 certificate.
  • X509::not_valid_before - Returns the not-valid-before date of an X509 certificate.
  • X509::serial_number - Returns the serial number of an X509 certificate.
  • X509::signature_algorithm - Returns the signature algorithm of an X509 certificate.
  • X509::subject - Returns the subject of an X509 certificate.
  • X509::subject_public_key - Returns the subject’s public key of an X509 certificate.
  • X509::subject_public_key_RSA_bits - Returns the size of the subject’s public RSA key of an X509 certificate.
  • X509::subject_public_key_type - Returns the subject’s public key type of an X509 certificate.
  • X509::version - Returns the version number of an X509 certificate.
  • X509::whole - Returns an X509 certificate in PEM format.

UDP


TCP

  • TCP::client_port - Returns the remote TCP port/service number of the clientside TCP connection.
  • TCP::server_port - Returns the remote TCP port/service number of the serverside TCP connection.

IP

  • IP::addr - Performs comparison of IP address/subnet/supernet to IP address/subnet/supernet, or parses 4 binary bytes into an IPv4 dotted quad address.
  • IP::client_addr - Returns the client IP address of a connection
  • IP::local_addr - Returns the IP address of the virtual server the client is connected to or the self-ip LTM is connected from.
  • IP::protocol - Returns the IP protocol value.
  • IP::remote_addr - Returns the IP address of the host on the far end of the connection.
  • IP::server_addr - Returns the server’s IP address.
  • IP::reputation - Looks up the supplied IP address in the IP intelligence (reputation) database and returns a TCL list containing reputation categories

LB

  • LB::server - Returns information about the currently selected server
  • LB::status - Returns the status of a node address or pool member.

Events

  • DNS_REQUEST - Triggered when the system receives a DNS request.
  • DNS_RESPONSE - Triggered when the system responds to a DNS request.
  • LB_FAILED - Triggered when the system fails to select a pool or a pool member, or when a selected resource is unreachable.
  • LB_SELECTED - Triggered when the system selects a pool member.
  • RULE_INIT - Triggered when an iRule is added or is modified.