iRules Reference¶
Summary: The definitive source for information on iRules
Events¶
- 20linesorless - Colin’s 20 Lines or Less Blog Series
- ACCESS_ACL_ALLOWED - This event is triggered when a resource request passes the access control criteria and is allowed to go through the ACCESS filter. This event is only triggered for the resource requests and …
- ACCESS_ACL_DENIED - This event is triggered when a resource request fails to meet the access control criteria and is denied access.
- ACCESS_PER_REQUEST_AGENT_EVENT - allows admin to execute an iRule logic (inside TMM) at a desired point in the per-request access policy execution
- ACCESS_POLICY_AGENT_EVENT - This event provides glue between iRule execution and access policy execution.
- ACCESS_POLICY_COMPLETED - This event is triggered when the access policy execution completes for a user session.
- ACCESS_SAML_ASSERTION - triggered when the SAML assertion payload is generated for a user session.
- ACCESS_SAML_AUTHN - triggered when the SAML authentication request payload is generated for a user session.
- ACCESS_SAML_SLO_REQ - triggered when the SAML single logout request payload is generated for a user session.
- ACCESS_SAML_SLO_RESP - triggered when the SAML single logout response payload is generated for a user session
- ACCESS_SESSION_CLOSED - This event is triggered when a user session is removed due to a user logging out explicitly. timeout or if terminated explicitly by admin.
- ACCESS_SESSION_STARTED - This event is triggered when a new user session is created. This is triggered after creating the session context and initial session variables related to user’s source IP. browser capabiliti…
- ACCESS2_POLICY_EXPRESSION_EVAL - triggered when per-request policy branch expressions are evaluated
- ADAPT_REQUEST_HEADERS - raised as soon as any HTTP request headers have been returned from the IVS
- ADAPT_REQUEST_RESULT - raised after the internal virtual server returns the result of the request modification but before the potentially modified request or the original request is passed on for other processing.
- ADAPT_RESPONSE_HEADERS - raised as soon as any HTTP response headers have been returned from the IVS
- ADAPT_RESPONSE_RESULT - raised after the internal virtual server returns the result of the response modification but before the potentially modified response or the original response is passed on for other processing.
- ANTIFRAUD_ALERT - Raised when an alert is received or generated
- ANTIFRAUD_LOGIN - login event
- ASM_REQUEST_BLOCKING - Triggered when ASM is generating the reject-response and gives the iRule a chance to modify that reject-response before it is sent.
- ASM_REQUEST_DONE - triggered after ASM finished processing the request and found all violations of the ASM policy
- ASM_REQUEST_VIOLATION - Triggered when ASM detects that a request violates an ASM security policy.
- ASM_RESPONSE_VIOLATION - Triggered when ASM detects that a response violates an ASM security policy.
- AUTH_ERROR - Triggered when an error occurs during authorization (deprecated in 9.4).
- AUTH_FAILURE - Triggered when an unsuccessful authorization operation is completed (deprecated in 9.4).
- AUTH_RESULT - Replaces AUTH_SUCCESS. AUTH_FAILURE. AUTH_ERROR. and AUTH_WANTCREDENTIAL events.
- AUTH_SUCCESS - Triggered when a successful authorization has completed all required authentication services (deprecated in 9.4).
- AUTH_WANTCREDENTIAL - Triggered when an authorization operation needs an additional credential (deprecated in 9.4).
- AVR_CSPM_INJECTION - Triggered when the AVR profile is about to insert a CSPM javascript
- BOTDEFENSE_ACTION - Triggered immediately prior to taking an action on a transaction
- BOTDEFENSE_REQUEST - Triggered on an HTTP request (before the payload), after Bot Defense finished processing the request, but before a decision is made on a possible action
- CACHE_REQUEST - Triggered when the system receives a request for a cached object.
- CACHE_RESPONSE - Triggered immediately prior to sending a cache response.
- CACHE_UPDATE - In Progress - Add Summary Here
- CATEGORY_MATCHED - triggered when a custom category match (or prefix match) is found
- CLASSIFICATION_DETECTED - triggered when a flow is classified
- CLIENT_ACCEPTED - Triggered when a client has established a connection.
- CLIENT_CLOSED - This event is fired at the end of any client connection. regardless of protocol.
- CLIENT_DATA - Triggered each time new data is received from the client while the connection is in “collect” state.
- CLIENTSSL_CLIENTCERT - Triggered when the system adds an SSL client certificate to the client certificate chain.
- CLIENTSSL_CLIENTHELLO - Triggered when the system has received the client’s SSL ClientHello message
- CLIENTSSL_DATA - Triggered each time new SSL data is received from the client while the connection is in “collect” state.
- CLIENTSSL_HANDSHAKE - Triggered when a client-side SSL handshake is completed.
- CLIENTSSL_PASSTHROUGH - Triggered when the SSL receive the plaintext data and enter the passthrough mode
- CLIENTSSL_SERVERHELLO_SEND - Triggered when the system is about to send its SSL ServerHello message on the clientside connection
- iRules Codeshare - iRule Reference Library
- Persistence Cookie Logging - Cookie Persistence Logging
- DIAMETER_INGRESS - triggered when the system receives a DIAMETER message
- DIAMETER_RETRANSMISSION - triggered when the generates a retransmitted DIAMETER request or a DIAMETER answer message
- DIAMETER_EGRESS - triggered when the system is ready to send a DIAMETER message
- DNS - iRules commands relating to the DNS protocol
- DNS_REQUEST - Triggered when the system receives a DNS request.
- DNS_RESPONSE - Triggered when the system responds to a DNS request.
- ECA_REQUEST_ALLOWED - fired when ECA plugin successfully authenticates
- ECA_REQUEST_DENIED - fired only when ECA plugin fails
- EPI_NA_CHECK_HTTP_REQUEST - triggered when special http request comes
- FIX_HEADER - Triggered when the system finishes parsing a new FIX header
- FIX_MESSAGE - Triggered when the system finishes parsing a new FIX message.
- FLOW_INIT - triggered (once for TCP and unique UDP/IP flows) after packet filters
- GENERICMESSAGE_EGRESS - raised when a message is received from the proxy
- GENERICMESSAGE_INGRESS - raised when a message is received by the generic message filter
- GTP_GPDU_EGRESS - Triggered for a message that has GTP message-type = 255 on the connection that forwards/egresses the message.
- GTP_GPDU_INGRESS - Triggered for a message that has GTP message-type = 255 on the connection that accepted the message.
- GTP_PRIME_EGRESS - Triggered only for GTP prime messages for revision 1 on the connection that forwards/egresses the message.
- GTP_PRIME_INGRESS - Triggered only for GTP prime messages for revision 1 on the connection that accepted the message.
- GTP_SIGNALLING_EGRESS - Triggered for any GTP-message except G-PDU on the connection that forwards/egresses the message.
- GTP_SIGNALLING_INGRESS - Triggered for any GTP-message except G-PDU on the connection that accepted the message
- HA - iRules commands that are specifically designed to query for High Availability (HA) status.
- HTML_COMMENT_MATCHED - is raised when an HTML comment is encountered.
- HTML_TAG_MATCHED - is raised when an HTML tag is encountered.
- HTTP_CLASS_FAILED - Triggered when an HTTP request is made to a virtual server with at least one HTTP class configured. and the request does not match the filters of any HTTP class.
- HTTP_CLASS_SELECTED - Triggered when an HTTP request matches an HTTP class.
- HTTP_DISABLED - triggered when HTTP is disabled
- HTTP_PROXY_CONNECT - triggered when proxy chaining via use of the HTTP_PROXY_CONNECT profile
- HTTP_PROXY_REQUEST - Triggered when a virtual server has proxy-mode explicit
- HTTP_PROXY_RESPONSE - triggered when the response from the remote HTTP proxy is received
- HTTP_REJECT - triggered when HTTP aborts the connection
- HTTP_REQUEST - Triggered when the system fully parses the complete client HTTP request headers.
- HTTP_REQUEST_DATA - Triggered when an HTTP::collect command has collected the specified amount of request data.
- HTTP_REQUEST_SEND - Triggered immediately before an HTTP request is sent to the server-side TCP stack.
- HTTP_RESPONSE - Triggered when the system parses all of the response status and header lines from the server response.
- HTTP_RESPONSE_CONTINUE - Triggered whenever the system receives a 100 Continue response from the server.
- HTTP_RESPONSE_DATA - Triggered when an HTTP::collect command has collected the specified amount of response data.
- HTTP_REQUEST_RELEASE - Triggered when the system is about to release HTTP data on the serverside of the connection.
- HTTP_RESPONSE_RELEASE - Triggered when the system is about to release HTTP data on the clientside of the connection.
- ICAP_REQUEST - raised after an ICAP command has been created but before it has been sent to an ICAP server
- ICAP_RESPONSE - raised after an ICAP response has been processed but before the result is sent back to the HTTP adaptation virtual server
- IN_DOSL7_ATTACK - Triggered when ASM detects that a request violates an ASM security policy for Denial of Service attacks
- IVS_ENTRY_REQUEST - The internal virtual server has received a request from the parent virtual server (client side).
- IVS_ENTRY_RESPONSE - The internal virtual server has received a response from the parent virtual server
- L7CHECK_CLIENT_DATA - triggered each time new ingress data is received from client
- L7CHECK_SERVER_DATA - triggered each time new ingress data is received from server
- LB::class - Provides the name of the traffic class that matched the connection
- LB_FAILED - Triggered when the system fails to select a pool or a pool member. or when a selected resource is unreachable.
- LB_SELECTED - Triggered when the system selects a pool member.
- LB_QUEUED - serverside event triggered when a connection limit it hit at the pool or pool member level.
- MQTT_CLIENT_DATA - triggers when an a prior MQTT::collect command finishes
- MQTT_CLIENT_EGRESS - triggered when an MQTT message is sent to client-side
- MQTT_CLIENT_INGRESS - triggers when an MQTT message is received from client-side
- MQTT_CLIENT_SHUTDOWN - triggered when MQTT client closes TCP connection
- MQTT_SERVER_DATA - triggers when server-side payload data collection invoked using MQTT::collect finishes
- MQTT_SERVER_EGRESS - triggered when an MQTT message is sent to server-side
- MQTT_SERVER_INGRESS - triggers when an MQTT message is received from server-side
- MR_EGRESS - raised after the route has been selected and processed and the message is delivered to the mr_proxy
- MR_INGRESS - raised when a message is received by the message proxy and before a route lookup occurs
- MR_FAILED - raised when a message has been returned to the originating flow due to a routing failure
- NAME_RESOLVED - Triggered after a NAME::lookup command has been issued and a response has been received.
- PCP_REQUEST - triggered on receipt of a valid PCP request from a client
- PCP_RESPONSE - Triggered when a PCP response, successful or not, is returned to the client.
- PEM_POLICY - PEM_POLICY is an event which gets triggerd upon PEM policy attach and update to a flow
- PEM_POLICY - This event only works with PEM iRule
- PERSIST_DOWN - Triggered when persistence dictates that a connection would be sent to a pool or a pool member or node which has been marked down.
- PING_REQUEST_READY - triggered when TMM has assembled an HTTP request to PingAccess policy server
- PING_RESPONSE_READY - triggered when TMM has received an HTTP response from PingAccess policy server
- Pinhole/Pinpoint DNS - Change DNS records requested from a resolver pool on the fly
- Project BAIU - Basic to Advanced IP & UserID Rate Limiter - World first, most advanced IP & UserID rate limiter available
- PROTOCOL_INSPECTION_MATCH - Triggered when protocol inspection is matched for this flow
- QOE_PARSE_DONE - triggered when the system finishes parsing the static video parameters from video header part.
- REWRITE_REQUEST_DONE - always triggered after the ACCESS_ACL_ALLOWED event when a Portal Access resource is accessed.
- REWRITE_RESPONSE_DONE - only trigged when the REWRITE_REQUEST_DONE event calls REWRITE::post_process on.
- RTSP_REQUEST - Triggered after a complete request has been received from either the client or the server.
- RTSP_REQUEST_DATA - Triggered whenever an RTSP::collect command finishes processing.
- RTSP_RESPONSE - Triggered after a complete response has been received from either the client or the server.
- RTSP_RESPONSE_DATA - Triggered when collection of response data is finished.
- RULE_INIT - Triggered when an iRule is added or is modified.
- SA_PICKED - triggered after source translation is completed.
- SERVER_CLOSED - This event is triggered when the server side connection closes.
- SERVER_CONNECTED - Triggered when a connection has been established with the target node.
- SERVER_DATA - Triggered when new data is received from the target node after TCP::collect command has been issued.
- SERVER_INIT - triggered when BIG-IP has been configured to collect options and serverside TCP SYN is sent
- SERVERSSL_CLIENTHELLO_SEND - Triggered when the system is about to send its SSL ClientHello message.
- SERVERSSL_DATA - Triggered when new SSL data is received from the target node after SSL::collect command has been issued.
- SERVERSSL_HANDSHAKE - Triggered when a server-side SSL handshake is completed.
- SERVERSSL_SERVERCERT - triggered when the system finishes the server certificate verification
- SERVERSSL_SERVERHELLO - Triggered when the system has received the server’s SSL ServerHello message.
- SIP_CLIENT_MSG - In Progress - Add Summary Here
- SIP_REQUEST - Triggered when the system fully parses a complete client SIP request header.
- SIP_REQUEST_DONE - aised when a request message is received from the proxy after routing
- SIP_REQUEST_SEND - Triggered immediately before a SIP request is sent to the server-side TCP stack.
- SIP_RESPONSE - Triggered when a SIP Response is received from the Server
- SIP_RESPONSE_DONE - raised when a request message is received from the proxy after routing
- SIP_RESPONSE_SEND - Triggered …
- SIP_SERVER_MSG - In Progress - Add Summary Here
- SOCKS_REQUEST - triggered upon receipt of a SOCKS command on a SOCKS connection, before authentication is done.
- STREAM_MATCHED - Triggered when a stream expression matches.
- TDS_REQUEST - triggered when a TDS request message is received.
- TDS_RESPONSE - triggered when a TDS response message is received.
- USER_REQUEST - triggered by command TCP::notify request.
- USER_RESPONSE - Triggered by command TCP::notify response
- WS_CLIENT_DATA - raised when the system collects the specified amount of data via the WS::collect command
- WS_CLIENT_FRAME - raised to indicate the start of a Websocket frame received from the client
- WS_CLIENT_FRAME_DONE - aised to indicate the end of a Websocket frame received from the client
- WS_REQUEST - raised when certain headers are present in the client request
- WS_RESPONSE - raised when certain headers are present in the server response
- WS_SERVER_DATA - raised when the system collects the specified amount of data via the WS::collect command
- WS_SERVER_FRAME - raised to indicate the start of a Websocket frame received from the server.
- WS_SERVER_FRAME_DONE - raised to indicate the end of a Websocket frame received from the server
- XML_BEGIN_DOCUMENT - Triggered before the XML document gets parsed.
- XML_BEGIN_ELEMENT - Triggered when the parser has encountered the start of an element.
- XML_CDATA - Triggered when the parser has encountered character data (CDATA).
- XML_CONTENT_BASED_ROUTING - Triggered when a match is found in the XML profile.
- XML_END_DOCUMENT -
- XML_END_ELEMENT - Triggered when the parser has encountered the end of an element.
- XML_EVENT - A generic “catch-all” event that is triggered for all XML events.
- 20linesorless - Colin’s 20 Lines or Less Blog Series
- Create an IP Address geolocation data search virtual server with a visual map -
- DNS - iRules commands relating to the DNS protocol
- DNS_REQUEST - Triggered when the system receives a DNS request.
- GTM iRule with NAT - returns NAT address for WIP pool members based on LDNS
- LB_FAILED - Triggered when the system fails to select a pool or a pool member. or when a selected resource is unreachable.
- LB_SELECTED - Triggered when the system selects a pool member.
- RULE_INIT - Triggered when an iRule is added or is modified.
Commands¶
- ACCESS::acl - Poll or enforce ACLs in your connections
- ACCESS::disable - Control enforcement for a particular request URI
- ACCESS::enable - enables the access control enforcement for a particular request URI
- ACCESS::flowid - set/get the flow id for SSL Orchestrator using APM logging framework
- ACCESS::log - logs a message using APM logging framework
- ACCESS::oauth - returns a JSON Web Signature token
- ACCESS::perflow - String of perflow variable; empty if value isn’t set
- ACCESS::policy - Return information about access policies
- ACCESS::respond - This command generates new respond and automatically overrides the default respond.
- ACCESS::restrict_irule_events - Enable or disable HTTP and higher layer iRule events for the internal APM access control URIs
- ACCESS::saml - allows you to retrieve or manipulate SAML related messages
- ACCESS::session - Access or manipulate session information.
- ACCESS::user - Returns user ID information
- ACCESS::uuid - enumerates the session IDs that belongs to a specified uuid key by the order of its creation and provides them in a Tcl list
- ACCESS2::access2_proc - return the TCL procedure registered for currently executing per-request policy expression.
- accumulate - Terminates iRule processing until more data is received.
- ACL::action - allows you to determine the ACL action in the FLOW_INIT event
- ACL::eval - enforces ACLs in your connections
- active_members - Returns the number or list of active members in the specified pool.
- active_nodes - Returns the alias for active members of the specified pool (for BIG-IP version 4.X compatibility).
- ADAPT::allow - sets or returns the allow attribute
- ADAPT::context_create - creates a new dynamic context on the specified or current side
- ADAPT::context_current - returns a handle for the current context
- ADAPT::context_delete_all - deletes all dynamic contexts on both sides of the virtual server
- ADAPT::context_name - returns the name of a context
- ADAPT::context_static - returns a handle for the static context of the current or specified side
- ADAPT::enable - sets or returns the enable attribute
- ADAPT::preview_size - sets or returns the preview-size attribute.
- ADAPT::result - sets or returns the adaption result code.
- ADAPT::select - sets or returns the internal-virtual attribute
- ADAPT::service_down_action - sets or returns the service_down_action attribute.
- ADAPT::timeout - sets or returns the timeout attribute
- ADM::health - Return health value as integer. Lower values are good health
- ADM::is_ip_slowdown - Returns TRUE if source IP exists in greylist table
- ADM::is_mitigated - Returns TRUE if certain HTTP request was mitigated by ADM
- AES::decrypt - Decrypt the data using the previously-created AES key.
- AES::encrypt - Encrypt the data using the previously-created AES key.
- AES::key - Creates an AES key to encrypt/decrypt data.
- after - Execute iRules code after a set period of delay.
- ANTIFRAUD::alert_additional_info - returns a list of keys and values that describes integrity parameters check failure or parameter values too long error
- ANTIFRAUD::alert_bait_signatures - returns the bait signatures in an escaped base64 format
- ANTIFRAUD::alert_component - returns the error type according to alert_type
- ANTIFRAUD::alert_defined_value - returns defined (configured) value.
- ANTIFRAUD::alert_device_id - returns flash GUID
- ANTIFRAUD::alert_expected_value - returns expected (verified) value
- ANTIFRAUD::alert_fingerprint - returns fingerprint data collected on client side
- ANTIFRAUD::alert_forbidden_added_element - returns forbidden added HTML element and its content, in an escaped base64 format
- ANTIFRAUD::alert_guid - returns GUID that is used to identify which users have been infected with malware before the user logs in
- ANTIFRAUD::alert_html - returns the whole HTML in an escaped base64 format
- ANTIFRAUD::alert_http_referrer - returns HTTP referrer
- ANTIFRAUD::alert_id - returns an alert id
- ANTIFRAUD::alert_license_id - returns crc32 of the license id in hex
- ANTIFRAUD::alert_min - returns variable data from client side for the alert
- ANTIFRAUD::alert_origin - returns the origin of the alert, e.g. clientside, serverside or secure alert cookie.
- ANTIFRAUD::alert_resolved_value - returns resolved (actual) value.
- ANTIFRAUD::alert_score - returns the alert severity
- ANTIFRAUD::alert_transaction_data - returns key-value list of all parameters marked to be attached
- ANTIFRAUD::alert_transaction_id - returns HTTP transaction ID
- ANTIFRAUD::alert_type - returns the alert type
- ANTIFRAUD::alert_username - returns a username and for phishing also additional fields
- ANTIFRAUD::alert_view_id - returns the configured URL and view which triggered this alert
- ANTIFRAUD::disable - disables the anti-fraud plugin
- ANTIFRAUD::disable_alert - disables the current alert
- ANTIFRAUD::disable_app_layer_encryption - disables application layer encryption for the current transaction
- ANTIFRAUD::disable_auto_transactions - disables automatic transactions for the current transaction
- ANTIFRAUD::disable_injection - disables Anti-Fraud injections for the current transaction.
- ANTIFRAUD::disable_malware - disables malware detection for the current transaction
- ANTIFRAUD::disable_phishing - disables phishing detection for the current transaction
- ANTIFRAUD::enable - enables the anti-fraud plugin
- ANTIFRAUD::enable_log - enables Anti-Fraud TMM logs for the current transaction
- ANTIFRAUD::fingerprint - returns fingerprint data collected on the client side
- ANTIFRAUD::result - returns result of login validation
- ASM::client_ip - Returns the IP address of the end client that sent the present request
- ASM::disable - Disables plugin processing on the connection.
- ASM::enable - Enables plugin processing on the connection.
- ASM::fingerprint - returns the FP id if available
- ASM::payload - This command retrieves or replaces the payload collected by ASM.
- ASM::raise - Issues a user-defined violation on the present request
- ASM::severity - Returns the overall severity of the violations found in the transaction (both request and response)
- ASM::signature - returns the list of signatures
- ASM::status - Returns the current status of the request or response
- ASM::support_id - Returns the support id of the present HTTP transaction
- ASM::unblock - Overrides the blocking action for a request that had blocking violation
- ASM::violation - Returns the list of violations found in the present request or response together with details on each one
- ASM::violation_data - This command exposes violation data using a multiple buffers instance
- ASN1::decode - used to decode ASN.1 records
- ASN1::element - returns ASN1.1 record elements
- ASN1::encode - used to encode ASN.1 records
- AUTH::abort - Cancels any outstanding auth operations in this authentication session.
- AUTH::authenticate - Performs a new authentication operation.
- AUTH::authenticate_continue - Continues an authentication operation.
- AUTH::cert_credential - Sets the peer certificate credential to the value of a peer certificate for a future AUTH::authenticate call.
- AUTH::cert_issuer_credential - Sets the peer certificate issuer credential to the value of for a future AUTH::authenticate call.
- AUTH::last_event_session_id - Returns the session ID of the last auth event
- AUTH::password_credential - Sets the password credential to the specified string for a future AUTH::authenticate call.
- AUTH::response_data - Returns pairwise auth query results
- AUTH::ssl_cc_ldap_status - Returns the status from the last successful client certificate-based LDAP query.
- AUTH::ssl_cc_ldap_username - Returns a user name that the system retrieved from the LDAP database.
- AUTH::start - Initializes an authentication session.
- AUTH::status - Returns authentication status.
- AUTH::subscribe - Registers interest in auth query results.
- AUTH::unsubscribe - Cancels interest in auth query results.
- AUTH::username_credential - Sets the username credential to a string. for a future AUTH::authenticate call.
- AUTH::wantcredential_prompt - Returns a string for an authorization session authid’s credential prompt.
- AUTH::wantcredential_prompt_style - Returns an authorization session authid’s credential prompt style.
- AUTH::wantcredential_type - Returns an authorization session authid’s credential type
- AVR::disable - Disables the AVR plugin for the current connection
- AVR::enable - Enables the AVR plugin for the current connection
- AVR::log - logs an event for stats.
- AVR::disable_cspm_injection - Disables the injection of CSPM javascript to the response payload
- b64decode - Returns a string that is base-64 decoded
- b64encode - Returns a string that is base-64 encoded. or if an error occurs. an empty string.
- BIGPROTO::enable_fix_reset - enables or disables reset of FIX protocol connections
- BIGTCP::release_flow - Transition layer 7 FIX message to layer 4
- BOTDEFENSE::action - Returns the action to be taken by Bot Defense
- BOTDEFENSE::bot_signature - returns the name of the detected Bot Signature
- BOTDEFENSE::bot_signature_category - returns the name of the detected Bot Signature Category
- BOTDEFENSE::captcha_age - Returns the age of the CAPTCHA challenge in seconds
- BOTDEFENSE::captcha_status - Returns the status of the user’s answer to the CAPTCHA challenge
- BOTDEFENSE::client_type - returns the type of the client that sent the request
- BOTDEFENSE::cookie_age - Returns the age of the Bot Defense cookie in seconds
- BOTDEFENSE::cookie_status - Returns the status of the Bot Defense cookie
- BOTDEFENSE::cs_allowed - Returns or sets if the client-side actions are allowed
- BOTDEFENSE::cs_attribute - Queries for or sets attributes for the client-side challenge
- BOTDEFENSE::cs_possible - Returns “true” or “false” based on whether it is possible to take one of the client-side actions
- BOTDEFENSE::device_id - Returns a number, representing the Device ID of the client, as retrieved from the request
- BOTDEFENSE::disable - Disables processing and blocking of the request by Bot Defense
- BOTDEFENSE::enable - Enables processing and blocking of the request by Bot Defense
- BOTDEFENSE::previous_action - returns the action taken by the previous request
- BOTDEFENSE::previous_request_age - returns the number of seconds that passed since the previous request was received
- BOTDEFENSE::previous_support_id - returns the Support ID of the previous request
- BOTDEFENSE::reason - Returns the reason that lead Bot Defense to decide on the action to be taken
- BOTDEFENSE::support_id - returns the support ID of the request
- BWC::color - allows a category assignment to dynamic policies
- BWC::mark - assign tos and qos values to a flow
- BWC::measure - start or stop measurement on a per policy or on a per flow basis
- BWC::policy - Attach/Detach a bandwidth policy to a flow
- BWC::pps - allows modification of the packets per second for the session
- BWC::priority - map a policy instance or category to a priority class of a priority group
- BWC::rate - allows for a different bandwidth be set on dynamic policies
- CACHE::accept_encoding - Overrides the accept_encoding value used by the cache to store the cached content.
- CACHE::age - Returns the age of the document in the cache.
- CACHE::disable - Disables the caching for this request.
- CACHE::enable - Forces the document to be cached.
- CACHE::expire - Forces the document to be revalidated from the server.
- CACHE::header - Get the content of an Header related to an object stored in the RamCache.
- CACHE::headers - Returns the HTTP headers of the cache response.
- CACHE::hits - Returns the document cache hits.
- CACHE::payload - Returns the HTTP payload of the cache response.
- CACHE::priority - Adds a priority to cached documents.
- CACHE::trace - Dump the list of cached objects for a HTTP profile where RAM cache is enabled.
- CACHE::uri - Overrides the URI value used by the cache to store the cached content.
- CACHE::useragent - Overrides the useragent value used by the cache to reference the cached content.
- CACHE::userkey - Allows users to add user-defined values to the key used by the cache to reference the cached content.
- call - Call an iRule procedure
- CATEGORY::analytics - enables or disables the analytics server on a per request basis
- CATEGORY::filetype - checks for the mime type and mime subtype of an HTTP request payload
- CATEGORY::matchtype - stores the match result in the specified variable
- CATEGORY::result - Returns a list of categories or safe search parameters
- CATEGORY::safesearch - checks for safe search parameters for the given URL
- CATEGORY::lookup - returns the category of the supplied URL
- class - Advanced access of classes
- CLASSIFICATION::app - provides classification for the most explicit application name
- CLASSIFICATION::category - provides classification category name
- CLASSIFICATION::disable - disables classification for the current flow
- CLASSIFICATION::enable - enables classification for the current flow
- CLASSIFICATION::protocol - provides classification for the least explicit application name
- CLASSIFICATION::result - provides classification results.
- CLASSIFICATION::urlcat - provides classification url category name
- CLASSIFICATION::username - returns username associated with classification results
- CLASSIFY -
- CLASSIFY::application - allows you to set or add an app name to the classification.
- CLASSIFY::category - allows you to set or add a category name to the classification
- CLASSIFY::defer - defers the classification of the flow to response
- CLASSIFY::urlcat - allows you to set or add an url category to the classification.
- client_addr - Returns the client IP address of a connection.
- client_port - Returns the TCP port number/service of the specified client.
- clientside - Causes the specified iRule commands to be evaluated under the client-side context.
- clone - Causes the system to clone traffic to the specified pool or pool member regardless of monitor status.
- close - Closes an existing sideband connection
- cname - Causes the specified name to be sent as a CNAME response.
- COMPRESS::buffer_size - Sets the compression buffer size.
- COMPRESS::disable - Disables compression for the current HTTP response.
- COMPRESS::enable - Enables compression for the current HTTP response.
- COMPRESS::gzip - Sets HTTP data compression criteria.
- COMPRESS::method - Specifies the preferred compression algorithm.
- connect - Establishes a sideband connection
- connect info - Returns a Tcl list of the specified information
- CONNECTOR::disable - disables all the connectors on chain
- CONNECTOR::enable - enables all the connectors on chain
- Persistence Cookie Logging - Cookie Persistence Logging
- cpu - The cpu usage command returns the average TMM cpu load for the given interval.
- crc32 - Returns the crc32 checksum for the specified string.
- CRYPTO::decrypt - decrypts data.
- CRYPTO::encrypt - encrypts data
- CRYPTO::hash - generates a hash on a piece of data
- CRYPTO::keygen - used to generate keys that can be used to encrypt and sign data
- CRYPTO::sign - used to provide a digital signature of a block of data.
- CRYPTO::verify - used to verify a signed block of data
- DATAGRAM::dns - returns DNS header information
- DATAGRAM::ip - returns ip header information
- DATAGRAM::ip6 - returns ipv6 header information
- DATAGRAM::l2 - returns Layer 2 destination address
- DATAGRAM::tcp - returns tcp header information.
- DATAGRAM::udp - returns UDP payload information
- decode_uri - Decodes the specified string using HTTP URI encoding.
- DECOMPRESS::disable - Disable DECOMPRESS feature on current flow.
- DECOMPRESS::enable - Enable DECOMPRESS feature on current flow.
- DEMANGLE::disable -
- DEMANGLE::enable -
- DHCP::version - returns the DHCP version
- DHCPv4::hlen - Returns hlen (hardware len) field from DHCPv4 message
- DHCPv4::htype - Returns htype (hardware type) field from DHCPv4 message
- DHCPv4::chaddr - Returns chaddr (client hardware address) from DHCPv4 message
- DHCPv4::ciaddr - Returns ciaddr (client IP) field from DHCPv4 message
- DHCPv4::drop - Drops the packet silently
- DHCPv4::giaddr - Returns giaddr (gateway or relay IP) field from DHCPv4 message
- DHCPv4::hops - Returns hops (num. of hops) field from DHCPv4 message
- DHCPv4::len - Returns the length of the DHCP packet length
- DHCPv4::opcode - Returns opcode field from DHCPv4 message
- DHCPv4::option - Retrieves or sets the option by id number x
- DHCPv4::reject - Drops the packet while sending ICMP packet about the drop reason
- DHCPv4::secs - Returns xid (transaction ID) field from DHCPv4 message
- DHCPv4::siaddr - Returns siaddr (server IP) field from DHCPv4 message
- DHCPv4::type - Returns type of DHCPv4 message
- DHCPv4::xid - Returns xid (transaction ID) field from DHCPv4 message
- DHCPv4::yiaddr - Returns yiaddr (your IP) field from DHCPv4 message
- DHCPv6::drop - Drops the packet silently
- DHCPv6::hop_count - Returns hop-count field from DHCPv6 RELAY message
- DHCPv6::len - Returns the length of the DHCP packet length
- DHCPv6::link_address - Returns link address field from DHCPv6 RELAY message
- DHCPv6::msg_type - Returns msg-type field from DHCPv6 message
- DHCPv6::option - Retrieves, sets or deletes the option by id number x
- DHCPv6::peer_address - Returns peer address field from DHCPv6 RELAY message
- DHCPv6::reject - Drops the packet while sending ICMP packet about the drop reason
- DHCPv6::transaction_id - Returns transaction-id field from DHCPv6 message
- DIAMETER::avp - detailed access to diameter attribute-value pairs
- DIAMETER::command - gets or sets the command-code
- DIAMETER::disconnect - sends Disconnect-Peer-Request to client or server based on context.
- DIAMETER::drop - drops the current message quietly
- DIAMETER::header - gets or sets the DIAMETER header fields
- DIAMETER::host - gets or sets the value of the origin-host or destination-host attribute-value pair
- DIAMETER::is_request - returns true if it is a DIAMETER request, otherwise returns false
- DIAMETER::is_response - returns true if it is a DIAMETER response, otherwise, returns false.
- DIAMETER::is_retransmission - returns true if the current message is a retransmitted request
- DIAMETER::length - gets diameter message length
- DIAMETER::message - returns the whole Diameter message as a TCL string object.
- DIAMETER::payload - gets or sets DIAMETER message payload
- DIAMETER::persist - returns the persistence key being used for the current message
- DIAMETER::realm - gets or sets the value of the origin-realm or destination-realm attribute-value pair.
- DIAMETER::respond - send message to client or server (based on context)
- DIAMETER::result - gets or sets the value of the result-code attribute-value pair.
- DIAMETER::retransmission - allows the setting or getting of the current message’s retransmission settings
- DIAMETER::retransmission_default - gets or sets the current connection’s retransmission settings
- DIAMETER::retransmission_reason - returns the reason the current request was retransmitted
- DIAMETER::retransmit - triggers the request associated to the current answer message for retransmission
- DIAMETER::retry - tries to send the Diameter message contained in the binary array “binary_message”
- DIAMETER::route_status - returns the routing status of the current message
- DIAMETER::session - gets or sets the session-id attribute-value pair
- DIAMETER::state - returns the current state of the Diameter peer’s connection
- DIAMETER::message -
- DIAMETER::retry -
- DIAMETER::state -
- discard - Causes the current packet or connection to be dropped/discarded. Same as the drop command.
- DNS - iRules commands relating to the DNS protocol
- DNS::additional - returns, inserts, removes, or clears RRs from the additional section.
- DNS::answer - returns, inserts, removes, or clears all RRs from the answer section.
- DNS::authority - returns, inserts, removes, or clears RRs from the authority section.
- DNS::class - gets or sets the resource record class field
- DNS::disable - sets the service state to disabled for the current dns packet.
- DNS::drop - Drops the current DNS packet after the execution of the event.
- DNS::edns0 - gets (v11.0+) and sets (v11.1+) the values of the edns0 pseudo-RR
- DNS::enable - sets the service state to enabled for the current dns packet.
- DNS::header - gets (v11.0+) or sets (v11.1+) simple bits or byte fields.
- DNS::is_wideip - returns status (true/false) if a string is a configured wide IP.
- DNS::last_act - sets the action to perform if no DNS service handles this packet
- DNS::len - returns the dns packet message length.
- DNS::name - gets or sets the resource record name field
- DNS::origin - returns the originator of the DNS message
- DNS::ptype - returns the type of the DNS packet.
- DNS::query - returns or constructs and sends a query to the DNS-Express database for a name and type
- DNS::question - gets (v11.0+) or sets (v11.1+) the question field value
- DNS::rdata - gets or sets the resource record rdata field
- DNS::return - skips all further processing after TCL execution and sends the dns packet in the opposite direction.
- DNS::rr - creates a new resource record object with specified attributes or as a complete string.
- DNS::rrname - Returns the name requested by the client.
- DNS::rrtype - Returns the resource record type requested by the client.
- DNS::scrape - allows users to walk over a DNS message and parse out information from the packet based on user supplied arguments
- DNS::tsig - manipulates the current DNS message and its TSIG resource record.
- DNS::ttl - gets or sets the resource record ttl field
- DNS::type - gets or sets the resource record type field
- DNSMSG::header -
- DNSMSG::record -
- DNSMSG::section -
- domain - Parses the specified string as a dotted domain name and returns the last portions of the domain name.
- DOSL7 - used to modify the ASM handling of Denial of Service violations and events
- DOSL7::disable - Disables blocking and detection of DoS attacks according to the ASM security policy configuration
- DOSL7::enable - Enables blocking and detection of DoS attacks according to the ASM security policy configuration
- DOSL7::health - returns the DOSL7 server health value for current virtual server
- DOSL7::is_ip_slowdown - returns TRUE if source IP exists in greylist table
- DOSL7::is_mitigated - returns TRUE if certain HTTP request was mitigated
- DOSL7::profile - returns the DOS profile from which the L7-DoS policy is extracted
- drop - Causes the current packet or connection to be dropped/discarded. Same as the discard command.
- DSLITE::remote_addr - Returns the remote DS-Lite tunnel endpoint IP address.
- ECA::disable - disables the plugin the flow.
- ECA::domainname - returns NTLM authenticating user’s domain name
- ECA::enable - enables the plugin the flow
- ECA::select - replacement for NTLM::select
- ECA::status - returns NTLM authentication result
- ECA::username - returns NTLM authenticating username.
- event - Enables or disables evaluation of the specified iRule event. or all iRule events. on this connection.
- findclass - Searches a data group list for a member that starts with a specified string and returns the data-group member string.
- findstr - Finds a string within another string and returns the string starting at the offset specified from the match.
- FIX::tag - defines/deletes the mapping between senderCompID and a tag map data group
- FLOW::create_related - creates a related connection between clientside and serverside
- FLOW::idle_duration - returns the time in seconds when the flow was last used.
- FLOW::idle_timeout - Sets/Gets the idle timeout on the flow
- FLOW::peer - returns the TCL flow handle for the peer flow
- FLOW::priority - used to overwrite the flow’s internal packet priority
- FLOW::refresh - updates the last used time on the flow to now
- FLOW::this - returns the TCL handle for the current flow
- FLOWTABLE::count - returns flow counts
- FLOWTABLE::limit - returns configured connection limits
- forward - Sets the connection to forward IP packets.
- FTP::allow_active_mode - enables or disables the active transfer mode
- FTP::disable - disables FTP protocol handler for FTP message processing
- FTP::enable - enables FTP protocol handler for FTP message processing
- FTP::enforce_tls_session_reuse - enables or disables enforcing TLS session reuse
- FTP::ftps_mode - gets or sets the FTPS activation mode
- FTP::port - allows restriction of FTP ephemeral ports
- GENERICMESSAGE::message - returns or sets values in the message routing framework
- GENERICMESSAGE::peer - returns or sets the peer’s route name
- GENERICMESSAGE::route - add, delete, or lookup message routes
- getfield - Splits a string on a character or string. and returns the string corresponding to the specific field.
- GTM members - List all members of a given pool
- GTM persist - Returns the persistence state value. when enabled. If you specify arguments. returns the previous state value.
- GTP - iRules commands and events relating to GTP
- GTP::discard - Discards the current message
- GTP::header - Allows for the parsing of GTP header information.
- GTP::header extension - The extension headers are identified by unique type values. The type can be appended with index, if multiple headers of same type are expected.
- GTP::ie - This set of commands allows for the parsing and interpretation of GTP IE elements.
- GTP::length - This value is returned as read from the message header.
- GTP::message - Returns the entire GTP message.
- GTP::payload - Returns the entire payload for G-PDU message. This command returns an empty value, in case of non-G-PDU messages.
- GTP::tunnel - These commands parse the payload of G-PDU as IP datagram and return the values from IP header and TCP/UDP header.
- HA::status - Returns true or false based on whether the unit the command is executed on is active or standby
- host - Causes the specified server host to be used instead of load balancing.
- HSL::open - Open a handle for High Speed Logging communication
- HSL::send - Send data via High Speed Logging
- HTML::comment - Queries, removes HTML comment or appends/prepends it by a string.
- HTML::disable - Disables the processing of HTML for this transaction.
- HTML::enable - Enables the processing of HTML for this transaction.
- HTML::tag - Queries, removes HTML tag and appends/prepends string to it.
- HTML::tag attribute - Queries, removes and changes attribute/value pairs of this HTML tag.
- htonl - Convert the unsigned integer from host byte order to network byte order.
- htons - Convert the unsigned short integer from host byte order to network byte order.
- HTTP - iRules commands and events relating to the HTTP protocol
- HTTP::class - Returns or sets the HTTP class selected by the HTTP selector.
- HTTP::close - Closes the HTTP connection.
- HTTP::collect - Collects an amount of HTTP body data that you specify.
- HTTP::cookie - Queries for or manipulates cookies in HTTP requests and responses.
- HTTP::disable - Changes the HTTP filter from full parsing to passthrough mode.
- HTTP::enable - Changes the HTTP filter from passthrough to full parsing mode.
- HTTP::fallback - Specifies or overrides a fallback host specified in the HTTP profile.
- HTTP::has_responded - returns true if this HTTP transaction has been prematurely completed by an iRule command or other filter logic
- HTTP::header - Queries or modifies HTTP headers.
- HTTP::host - Returns the value of the HTTP Host header
- HTTP::hsts - controls HTTP Strict Transport Security
- HTTP::is_keepalive - Returns a true value if this is a Keep-Alive connection.
- HTTP::is_redirect - Returns a true value if the response is a redirect.
- HTTP::method - Returns the type of HTTP request method.
- HTTP::passthrough_reason - returns the reason for the most recent switch to pass-through mode by the HTTP filter
- HTTP::password - Returns the password part of HTTP basic authentication.
- HTTP::path - Returns or sets the path part of the HTTP request.
- HTTP::payload - Queries for or manipulates HTTP payload information.
- HTTP::proxy - controls whether the BIG-IP will handle the proxy of the connection locally or send it to a downstream pool
- HTTP::query - Returns the query part of the HTTP request.
- HTTP::redirect - Redirects an HTTP request or response to the specified URL.
- HTTP::reject_reason - returns the reason HTTP is aborting
- HTTP::release - Releases the data collected via HTTP::collect.
- HTTP::request - Returns the raw HTTP request headers.
- HTTP::request_num - Returns the number of HTTP requests that a client made on the connection.
- HTTP::respond - Generates a response to the client as if it came from the server.
- HTTP::retry - Resends a request to a server.
- HTTP::status - Returns the response status code.
- HTTP::uri - Returns or sets the URI part of the HTTP request.
- HTTP::username - Returns the username part of HTTP basic authentication.
- HTTP::version - Returns or sets the HTTP version of the request or response.
- http_cookie - Specifies the value in the Cookie: header.
- http_header - Evaluates the string following an HTTP header tag that you specify.
- http_host - Specifies the value in the Host: header of the HTTP request.
- http_method - Specifies the action of the HTTP request.
- http_uri - Specifies a URI.
- http_version - Specifies the HTTP protocol version.
- HTTP2::active - used to determine if a request is generated by HTTP/2
- HTTP2::disable - changes the HTTP2 filter from full parsing to passthrough mode
- HTTP2::disconnect - allows you to cleanly terminate the current HTTP/2 session
- HTTP2::enable - changes the HTTP2 filter from passthrough to full parsing mode
- HTTP2::push - accepts a resource as a parameter that can be pushed to the client using PUSH_PROMISE frames
- HTTP2::requests - used to determine the count of requests received in the current HTTP/2 session
- HTTP2::stream - Gets or sets the stream attributes including id and priority
- HTTP2::version - used to determine the HTTP/2 protocol version used
- HTTP2::concurrency - used to determine the number of active concurrent streams in the current HTTP/2 session
- ICAP::header - sets or returns ICAP attributes in the ICAP header
- ICAP::method - sets or returns the ICAP request method
- ICAP::status - gets the ICAP response status code
- ICAP::uri - sets or returns the ICAP request uri.
- ifile - returns content and attributes from external files on the BIG-IP system
- ILX::call - Invokes the specified node method
- ILX::init - Establishes a communication path from an iRule to the node process.
- ILX::notify - Sends a message to the specified node method but does not wait for a response
- IMAP::activation_mode - gets or sets the activation mode for IMAP STARTTLS
- IMAP::disable - disables IMAP protocol handler for IMAP message processing
- IMAP::enable - enables IMAP protocol handler for IMAP message processing
- imid - Returns an i-mode identifier string.
- IP::addr - Performs comparison of IP address/subnet/supernet to IP address/subnet/supernet. or parses 4 binary bytes into an IPv4 dotted quad address.
- IP::client_addr - Returns the client IP address of a connection
- IP::hops - Gives you the estimated number of hops the peer takes to get to you.
- IP::idle_timeout - Returns or sets the idle timeout value.
- IP::intelligence - returns a Tcl list of IP intelligence category names for a given IP address
- IP::local_addr - Returns the IP address of the virtual server the client is connected to or the self-ip LTM is connected from.
- IP::protocol - Returns the IP protocol value.
- IP::remote_addr - Returns the IP address of the host on the far end of the connection.
- IP::server_addr - Returns the server’s IP address.
- IP::stats - Supplies information about the number of packets or bytes being sent or received in a given connection.
- IP::tos - Returns the ToS value encoded within a packet.
- IP::ttl - Returns the TTL of the latest IP packet received.
- IP::version - Returns the IP version of a connection
- ip_addr - Returns the IP address of a tmm, tmm interface, localhost, etc
- ip_protocol - Returns the IP protocol value.
- ip_tos - Returns the ToS level of a packet.
- ip_ttl - Returns the TTL of the latest IP packet received.
- IPFIX::destination - open and close IPFIX logging destinations
- IPFIX::msg - create, delete and set data values in an IPFIX message based on the provided IPFIX_TEMPLATE.
- IPFIX::template - create and delete user defined IPFIX message templates
- IP::reputation - Looks up the supplied IP address in the IP intelligence (reputation) database and returns a TCL list containing reputation categories
- ISESSION::deduplication - Allows selection of deduplication based on L7 content inspection
- ISTATS::remove - Removes the given Stat entirely.
- ISTATS::get - Reads in the value associated with the given key
- ISTATS::incr - Increments the specified key by the given value.
- ISTATS::set - Set the given key’s value within ISTATS
- IVS_ENTRY::result - sends a result code to the IVS client
- L7CHECK::protocol - allows you to set or retrieve L7 protocol value
- lasthop - Sets the lasthop of an IP connection.
- LB::bias -
- LB::class - Provides the name of the traffic class that matched the connection
- LB::command - To be completed
- LB::connect -
- LB::connlimit - set the connection limit for virtual/node/poolmember
- LB::context_id - Assigns the current connection to named context.
- LB::detach - Disconnects the server side connection
- LB::down - Sets the status of a node or pool member as being down.
- LB::dst_tag - Sets the destination tag for the current request
- LB::enable_decisionlog - enables LTM decision logging
- LB::mode - Sets the load balancing mode
- LB::persist - Forces a persistence record lookup and returns the result
- LB::prime - Sets up serverside connections before client traffic comes
- LB::reselect - Selects the next available member in the current pool, based on pool Load Balancing options
- LB::select - Forces a load balancing selection and returns the result
- LB::server - Returns information about the currently selected server
- LB::snat - Returns information on the SNAT configuration of the virtual server.
- LB::src_tag - Sets the source tag for the current request
- LB::status - Returns the status of a node address or pool member.
- LB::up - Sets the status of a node or pool member as being up.
- LB::queue - Returns queue information
- LINK::lasthop - Returns the MAC address of the last hop.
- LINK::nexthop - Returns the MAC address of the next hop.
- LINK::qos - Returns the QoS level set on the packet.
- LINK::vlan_id - Returns the VLAN tag of the packet.
- link_qos - Returns the QoS level.
- listen - Sets up a related ephemeral listener to allow an incoming related connection to be established.
- llookup - returns a list of values corresponding to the given key
- local_addr - Deprecated: Use IP::local_addr instead
- log - Generates and logs a message to the syslog-ng utility.
- LSN::inbound-entry - creates and gets the inbound mapping for a translation address, translation port and protocol
- LSN::address - Set or override translation address.
- LSN::disable - Disable LSN translation.
- LSN::inbound - Disable inbound connections to translation address/port.
- LSN::persistence - Set translation selection mode and persistence timeout.
- LSN::persistence-entry - Create or lookup translation address.
- LSN::pool - Specify LSN pool for current connection.
- LSN::port - Set or override translation port.
- matchclass - Performs comparison against the contents of data group.
- matchregion - Returns true/false if specified region is matched.
- md5 - Returns the RSA MD5 Message Digest Algorithm message digest of the specified string.
- member_priority - Returns the priority of the specified pool member.
- members - List all members of a given pool for v10.x.x
- MESSAGE::field - used for operations for a message’s field
- MESSAGE::proto - returns protocol of the message
- MESSAGE::type - returns the type of the current message
- MQTT::clean_session - gets or sets the clean_session flag of MQTT CONNECT messages
- MQTT::client_id - gets or sets the client identifier of MQTT CONNECT message
- MQTT::collect - collects the specified amount of MQTT message payload data
- MQTT::disable - disables MQTT parsing on a connection
- MQTT::disconnect - disconnects the MQTT connection
- MQTT::drop - drops the current MQTT message
- MQTT::dup - gets or sets the duplicate flag of MQTT PUBLISH messages
- MQTT::enable - enables MQTT parsing on a connection
- MQTT::insert - inserts an MQTT message
- MQTT::keep_alive - gets or sets the keep_alive field of MQTT CONNECT message
- MQTT::length - gets the length of an MQTT message
- MQTT::message - returns the full content of the MQTT message
- MQTT::packet_id - gets or sets the packet-id of an MQTT message
- MQTT::password - gets or sets the password field of an MQTT CONNECT message
- MQTT::payload - manipulates the payload of an MQTT PUBLISH message
- MQTT::protocol_name - gets or sets the protocol-name of an MQTT CONNECT message
- MQTT::protocol_version - gets or sets the protocol revision level of an MQTT CONNECT message
- MQTT::qos - gets or sets the qos of MQTT PUBLISH messages
- MQTT::release - releases the data collected via MQTT::collect
- MQTT::replace - replaces an MQTT message
- MQTT::respond - transmits an MQTT message to sender
- MQTT::retain - gets or sets the retain flag of MQTT PUBLISH messages
- MQTT::return_code - gets or sets the return-code field of MQTT CONNACK messages
- MQTT::return_code_list - gets the return-code-list of MQTT SUBACK message
- MQTT::session_present - gets or sets the session_present flag of MQTT CONNACK message
- MQTT::topic - manipulates topic(s) of MQTT messages
- MQTT::type - gets the type of MQTT messages
- MQTT::username - gets or sets the username field of MQTT CONNECT messages
- MQTT::will - gets or sets the will-topic, will-message, will-qos, and will-retain fields of MQTT CONNECT messages
- MR::collect - collect the specified amount of MR message payload data.
- MR::connect_back_port - gets or sets connect_back_port for the current connection
- MR::connection_instance - returns the connection instance and the number of connections
- MR::connection_mode - returns the connection mode of the current connection
- MR::equivalent_transport - gets or sets the transport that is usable as an equivalent transport
- MR::flow_id - returns a unique identifier for the current connection
- MR::ignore_peer_port - sets or resets the ignore_peer_port mode of the current connection
- MR::instance - returns the name of the current mr_router instance
- MR::max_retries - returns the number of retries allows for this router instance
- MR::message - returns or sets details in the message routing table
- MR::payload - returns the data collected using the MR::collect command
- MR::peer - defines a peer to use for routing a message to
- MR::prime - establishes an outgoing connection to the specified host or hosts using the specified transport
- MR::protocol - returns ‘generic, ‘sip’ or ‘diameter’
- MR::release - releases the data collected via MR::collect iRule command.
- MR::restore - returns the stored variables to the current context tcl variable store
- MR::retry - sends the current message to the router for routing
- MR::return - returns the current message to the originating connection
- MR::store - stores a tcl variable with the mr_message object
- MR::stream - start egressing bytes previously collected and stored
- MR::transport - returns the name and type (virtual or config) of the transport used to configure the current connection
- NAME::lookup - Performs DNS query for A or PTR record corresponding to a hostname or IP address
- NAME::response - Returns a list of records received in response to a DNS query
- nexthop - Sets the nexthop of an IP connection.
- node - Sends the packet directly to the identified server node.
- nodes - List all nodes within a given pool
- nodes_up - Returns the number of up nodes behind a virtual server.
- NSH::context - get or set context for NSH
- NSH::mimic - Set mimic options for NSH.
- NSH::path_id - gets/sets the path id for NSH
- NSH::service_index - gets/sets the service index for NSH
- NTLM::disable - Disables processing for NTLM
- NTLM::enable - Enables processing for NTLM
- ntohl - Convert the unsigned integer from network byte order to host byte order.
- ntohs - Convert the unsigned short integer from network byte order to host byte order.
- ONECONNECT::detach - Detaches server-side OneConnect connections.
- ONECONNECT::label - Associate OneConnect keying information with connection.
- ONECONNECT::reuse - Controls server-side connection reuse
- Operators - iRules operators
- PCP::reject - provides the ability to cause a PCP reqeust to fail based on processing in the iRule
- PCP::request - provides access to the data sent in a PCP request
- PCP::response - provides access to the data in a PCP response packet
- peer - Causes the specified iRule commands to be evaluated under the peer’s (opposite) context.
- PEM::disable - disable PEM
- PEM::enable - enable PEM
- PEM::flow - retrieves specific statistics from the flow report
- PEM::session -
- PEM::policy - PEM policy initialization or retrieving of the name
- PEM::session - allows you to create or delete a PEM Session entry
- pem_dtos - Query the TAC DB for IMEI value
- PEM::subscriber - allows you to create or delete a PEM Subscriber Session entry
- persist - Causes the system to use the named persistence type to persist the connection.
- PLUGIN::disable - Disables plugin processing on the connection.
- PLUGIN::enable - Enables plugin processing on the connection.
- POLICY::controls - iRule command which returns details about the policy controls for the virtual server the iRule is enabled on
- POLICY::names - iRule command which returns details about the policy names for the virtual server the iRule is enabled on.
- POLICY::rules - Returns the policy rules of the supplied policy that had actions executed.
- POLICY::targets - Returns or sets properties of the policy rule targets for the policies associated with the virtual server that the iRule is enabled on
- pool - Causes the system to load balance traffic to the specified pool or pool member regardless of monitor status.
- pools - Returns the number of pools or a list of pools in the wideIP
- POP3::activation_mode - gets or sets the activation mode for POP3 STARTTLS
- POP3::disable - disable STARTTLS for POP3
- POP3::enable - enable STARTTLS for POP3
- priority - The priority command is used to set the order that like iRule events are executed.
- PROFILE::access - Returns the value of an access profile setting.
- PROFILE::auth - Returns the value of an authentication profile setting.
- PROFILE::clientssl - Returns the value of a Client SSL profile setting.
- PROFILE::diameter - Returns the current value of the specified setting in an assigned DIAMETER profile.
- PROFILE::exists - Determine if a profile is configured on a virtual server
- PROFILE::fasthttp - Returns the value of a Fast HTTP profile setting.
- PROFILE::fastL4 - Returns the value of a Fast L4 profile setting.
- PROFILE::ftp - Returns the value of an FTP profile setting.
- PROFILE::http - Returns the value of an HTTP profile setting.
- PROFILE::httpclass - Returns the value of an HTTP Class profile setting.
- PROFILE::oneconnect - Returns the value of a Oneconnect profile setting.
- PROFILE::persist - Returns the value of a persistence profile setting.
- PROFILE::serverssl - Returns the value of a Server SSL profile setting.
- PROFILE::stream - Returns the value of a Stream profile setting.
- PROFILE::tcp - Returns the value of a TCP profile setting.
- PROFILE::udp - Returns the value of a UDP profile setting.
- PROFILE::xml - Returns the value of an XML profile setting.
- PROFILE::httpcompression - Returns the value of an HTTP compression profile setting.
- PROFILE::webacceleration - Returns the value of an web acceleration profile setting.
- PROTOCOL_INSPECTION::disable - disables inspection of the flow
- PROTOCOL_INSPECTION::id - provides inspection match result
- PSC::attr - get the session lease time
- PSC::auth_user_name - get or set authentication user name
- PSC::calling_id - get or set calling id
- PSC::imeisv - get or set imeisv value
- PSC::imsi - get or set the imsi value
- PSC::ip_address - get/set/remove ip address(es)
- PSC::lease_time - get the session lease time ( (Note: the PSC::lease_time command currently not supported)
- PSC::policy - get/set/remove policies
- PSC::subscriber_id - get or set the subscriber id
- PSC::tower_id - get or set tower id
- PSC::user_name - get or set user name
- QOE::disable - disables the video QOE filter from processing any video or non-video traffic on a connection basis
- QOE::enable - enables the video QOE filter and allows processing video on a connection basis
- QOE::video - returns a set of video QOE attributes from teh current video connection
- qos_score - allows computation of qos_score for use in iRules
- qos_weight - allows examination and manipulation of QoS weights
- RADIUS::avp - Return or add/change/remove RADIUS av pairs
- RADIUS::code - Returns the RADIUS message code
- RADIUS::id - Returns the RADIUS message id
- AAA::acct_result - used to check whether the accounting information is sent successfully to IVS or not
- AAA::acct_send - used to send user accouting information to IVS virtual
- AAA::auth_result - used to check whether the authentication information is sent successfully to IVS or not
- AAA::auth_send - used to send user authentication information to IVS virtual
- RADIUS::rtdom - Overwrites the default RD ID in RADIUS scenario
- rateclass - Causes the system to select the specified rate class to use when transmitting packets.
- recv - Receives data from a given sideband connection
- redirect - Redirects an HTTP request to a specific location.
- reject - Causes the connection to be rejected.
- relate_client - Sets up a related established connection.
- relate_server - Sets up a related established connection.
- remote_addr - Deprecated: Use IP::remote_addr instead
- RESOLV::lookup - Performs a DNS query for A or PTR records corresponding to a hostname or IP address.
- RESOLVER::summarize -
- RESOLVER::name_lookup -
- REST::send - Send a rest request locally to the Big-IP REST Framework
- return - Causes immediate exit from the currently executing event in the currently executing iRule.
- REWRITE::disable - Changes the REWRITE plugin from full patching mode to passthrough mode.
- REWRITE::enable - Changes the REWRITE plugin from passthrough to full patching mode.
- REWRITE::payload - Queries for or manipulates REWRITE payload.
- REWRITE::post_process - Toggle post processing functionality
- rmd160 - Returns the RIPEMD-160 message digest of the specified string.
- ROUTE::age - The age of the route metrics in seconds.
- ROUTE::bandwidth - The average of the bandwidth estimates for TCP connections.
- ROUTE::clear - purges the cache on all CMPs for matching connections
- ROUTE::cwnd - returns in bytes the congestion window
- ROUTE::domain - Returns the current routing domain of the current connection.
- ROUTE::expiration - returns the expiration time in second
- ROUTE::mtu - returns in bytes the max transmission unit
- ROUTE::rtt - The average smoothed round-trip time for TCP connections.
- ROUTE::rttvar - The average variance in smoothed round-trip times for TCP connections.
- RTSP::collect - Collects the amount of data that you specify.
- RTSP::header - Manages headers in RTSP requests and responses.
- RTSP::method - Returns a method/command from the current RTSP request.
- RTSP::msg_source - Indicates whether the request or response originated from the client or the server.
- RTSP::payload - Queries for or replaces content information.
- RTSP::release - Releases the collected data.
- RTSP::respond - Sends an RTSP response to the client.
- RTSP::status - Returns the HTTP style status code from the current RTSP response.
- RTSP::uri - Returns the complete URI of the RTSP request.
- RTSP::version - Returns the version in the current RTSP request/response.
- SCTP::client_port - Returns the SCTP port/service number of the specified client.
- SCTP::collect - Collects the specified amount of content data.
- SCTP::local_port - Returns the local SCTP port/service number.
- SCTP::mss - Returns the on-wire Maximum Segment Size (MSS) for an SCTP connection.
- SCTP::payload - Returns or replaces SCTP data content.
- SCTP::ppi - Returns or sets the SCTP payload protocol indicator.
- SCTP::release - Resumes processing and flushes collected data.
- SCTP::remote_port - Returns the remote SCTP port/service number.
- SCTP::respond - Sends the specified data directly to the peer.
- SCTP::rto_initial - returns the initial value of SCTP retranmission timeout
- SCTP::rto_max - returns the maximum value of SCTP retranmission timeout
- SCTP::rto_min - returns the minimum value of SCTP retranmission timeout
- SCTP::sack_timeout - returns the SCTP’s delayed selective acknowledgement timeout
- SCTP::server_port - Returns the SCTP port/service number of the specified server.
- SDP::field - Returns the value in a given SDP field
- SDP::media - Get or set SDP media information
- SDP::session_id - Get the SDP session id
- send - Sends data on an existing sideband connection
- server_addr - Returns the IP address of the server.
- server_port - Returns the TCP port/service number of the specified server.
- serverside - Causes the specified iRule command to be evaluated under the server-side context.
- session - Utilizes the persistence table to store arbitrary information based on the same keys as persistence.
- sha1 - Returns the SHA version 1.0 message digest of the specified string.
- sha256 - Returns the Secure Hash Algorithm (SHA2) 256-bit message digest of the specified string.
- sha384 - Returns the Secure Hash Algorithm (SHA2) 384-bit message digest of the specified string.
- sha512 - Returns the Secure Hash Algorithm (SHA2) 512-bit message digest of the specified string.
- sharedvar - Allows a variable to be accessed in both sides of a VIP-targetting-VIP
- SIP::call_id - Returns the value of the Call-ID header in a SIP request.
- SIP::discard - Discard the current SIP message
- SIP::from - Returns the value of the From header in a SIP request.
- SIP::header - Get or set SIP header information
- SIP::message - Returns content of the current message
- SIP::method - Returns the type of SIP request method.
- SIP::payload - Returns the accumulated SIP data content.
- SIP::persist - returns (or replaces) the persistence key being used for the current message
- SIP::respond - Terminate a SIP response. and respond with one of your creation
- SIP::response - Get or rewrite the SIP response.
- SIP::route_status - returns the routing status of the current message
- SIP::to - Returns the value of the To header in a SIP request.
- SIP::uri - Returns or sets the URI of the request.
- SIP::via - Get SIP via header information
- SMTPS::activation_mode - gets or sets the activation mode for SMTPS
- SMTPS::disable - disables the SMTPS profile
- SMTPS::enable - enables the SMTPS profile
- snat - Causes the LTM system to assign the specified translation address to the current connection.
- snatpool - Causes the specified pool of addresses to be used as translation addresses to create a SNAT.
- SOCKS::allowed - enables the user to allow/reject SOCKS requests.
- SOCKS::destination - enables the user to query and/or set parts of the requested connection
- SOCKS::version - returns the SOCKS version
- SSL::allow_dynamic_record_sizing - Returns the currently set value for allowing dynamic record sizing
- SSL::authenticate - Overrides the current setting for authentication frequency or for the maximum depth of certificate chain traversal.
- SSL::cert - Returns X509 SSL certificate data.
- SSL::cipher - Returns SSL cipher information.
- SSL::clientrandom - returns the ClientRandom value from the Client hello
- SSL::collect - Collect plaintext data after SSL offloading
- SSL::disable - Disables SSL processing.
- SSL::enable - Re-enables SSL processing.
- SSL::extensions - Returns or manipulates SSL extensions.
- SSL::forward_proxy - sets the SSL forward proxy bypass feature to bypass or intercept.
- SSL::handshake - Halts or resumes SSL activity.
- SSL::is_renegotiation_secure - Returns the current state of SSL Secure Renegotiation.
- SSL::maximum_record_size - set or get the maximum egress record size
- SSL::mode - Gets the enabled/disabled state of SSL
- SSL::modssl_sessionid_headers - Returns a list of fields for HTTP headers
- SSL::nextproto - gets or sets the Next Protocol Negotiation (NPN) string
- SSL::payload - Returns and manipulates plaintext data collected via SSL::collect
- SSL::profile - Switch between different SSL profiles
- SSL::release - Releases the collected plaintext data
- SSL::renegotiate - Controls renegotiation of an SSL connection.
- SSL::respond - Return data back to the origin via SSL
- SSL::secure_renegotiation - Controls the SSL Secure Renegotiation mode.
- SSL::session - Drops a session from the SSL session cache.
- SSL::sessionid - Gets the SSL session ID.
- SSL::sessionsecret - returns the current SSL handshake master secret
- SSL::sessionticket - returns the session ticket associated with the SSL flow
- SSL::sni - Returns a Server Name Indication name, and require SNI support
- SSL::unclean_shutdown - Sets the value of the Unclean Shutdown setting.
- SSL::verify_result - Gets or sets the result code for peer certificate verification.
- STATS::get - Retrieves a setting value from a Statistics profile.
- STATS::incr - Increments the value of a Statistics profile setting.
- STATS::set - Sets the value of a Statistics profile setting.
- STATS::setmax - Ensures that the value of the specified Statistics profile setting (field) is at the least value.
- STATS::setmin - Ensures that the value of the specified Statistics profile setting (field) is at the most value.
- STREAM::disable - Disables the stream filter for a connection.
- STREAM::enable - Enables the stream filter for the life of the current TCP connection or until disabled.
- STREAM::encoding - Specifies non-default content encoding.
- STREAM::expression - Replaces the expression in a Stream profile with another expression.
- STREAM::match - Returns matching characters.
- STREAM::max_matchsize - Sets a maximum number of bytes that the system can buffer during partial matches.
- STREAM::replace - Changes a replacement string in the Stream profile.
- substr - A custom iRule function which returns a substring from a string
- table - The table command provides enhanced access to the session table
- tcl_platform - A variable that contains platform specific information
- TCP::abc - enable or disable TCP appropriate byte counting
- TCP::analytics - enables or disables AVR TCP stat reporting
- TCP::autowin - Sets the send and receive buffer dynamically in accordance with measured connection parameters
- TCP::bandwidth - Returns a bandwidth estimate for the peer.
- TCP::client_port - Returns the remote TCP port/service number of the clientside TCP connection.
- TCP::close - Closes the TCP connection.
- TCP::collect - Collects the specified amount of content data.
- TCP::congestion - sets the TCP congestion control algorithm
- TCP::delayed_ack - will enable or disable TCP delayed acknowledgements
- TCP::dsack - enable or disable TCP duplicate selective acknowledgements
- TCP::earlyrxmit - enable or disable TCP early retransmit
- TCP::ecn - enable or disable TCP explicit congestion notification
- TCP::enhanced_loss_recovery - enable or disable TCP enhanced loss recovery
- TCP::idletime - sets the TCP idle timeout
- TCP::limxmit - enable or disable TCP limited transmit recovery
- TCP::local_port - Returns the local TCP port/service number of a TCP connection.
- TCP::lossfilter - sets the burst and rate levels in which TCP ignores loss
- TCP::lossfilterburst - gets the TCP loss ignore burst parameter
- TCP::lossfilterrate - gets the TCP Loss Ignore Rate Parameter
- TCP::mss - Returns the on-wire Maximum Segment Size (MSS) for a TCP connection.
- TCP::nagle - Enables or disables the Nagle algorithm on the current TCP connection.
- TCP::naglemode - Returns the Nagle mode of a TCP flow.
- TCP::naglestate - returns the nagle state
- TCP::notify - Causes the USER_REQUEST or USER_RESPONSE event to be raised.
- TCP::offset - Returns the number of bytes currently held in memory via TCP::collect.
- TCP::option - Gets or sets the value of the specified option kind from the TCP header.
- TCP::pacing - enable or disable TCP rate pace
- TCP::payload - Returns or replaces TCP data content.
- TCP::proxybuffer - sets the TCP proxy buffer thresholds
- TCP::proxybufferhigh - gets the proxy buffer high threshold
- TCP::proxybufferlow - gets the proxy buffer low threshold
- TCP::push_flag - used to set/get the PUSH flag mode of a TCP connection
- TCP::rcv_scale - Returns the receive window scale advertised by the remote host
- TCP::rcv_size - The maximum receive window in bytes
- TCP::recvwnd - sets the TCP receive window
- TCP::release - Releases and flushes collected data. and resumes processing.
- TCP::remote_port - Returns the remote TCP port/service number of a TCP connection.
- TCP::respond - Sends the specified data directly to the peer.
- TCP::rexmt_thresh - gets or sets the retransmission threshold of a TCP connection
- TCP::rt_metrics_timeout - sets the metrics cache entry time to live (in seconds) for the current connection
- TCP::rto - Retransmit timer value in milliseconds
- TCP::rtt - Returns the smoothed round-trip time estimate for a TCP connection.
- TCP::rttvar - The measured RTT variance in units of “1/16 of a millisecond”.
- TCP::sendbuf - sets the TCP send buffer size
- TCP::server_port - Returns the remote TCP port/service number of the serverside TCP connection.
- TCP::setmss - sets the TCP max segment size
- TCP::snd_cwnd - returns the cwnd in bytes.
- TCP::snd_scale - Returns the receive window scale advertised by the local host.
- TCP::snd_ssthresh - The connection slow start threshold in bytes.
- TCP::snd_wnd - Returns the remote host’s advertised receive window
- TCP::unused_port - Returns an unused TCP port for the specified IP tuple.
- TDS::msg - returns TDS message data
- TDS::session - returns TDS session data
- timing - Enable and disable iRule timing statistics.
- TMM::cmp_count - Provides the active number of TMM instances running.
- TMM::cmp_group - Returns the number (0-x) of the group of the CPU executing the rule. Typically a group refers to the blade number on a chassis system. and is always 0 on other platforms.
- TMM::cmp_primary_group - returns the CMP cluster primary
- TMM::cmp_unit - Returns the number (0-x) of the CPU executing the rule.
- traffic_group - returns the current traffic group
- translate - Enables, disables, or queries (as specified) destination address or port translation
- ttl - Overrides the default time-to-live value for DNS responses
- UDP::client_port - Returns the UDP port/service number of a client system.
- UDP::debug_queue - used to enable/disable printing debug messages
- UDP::drop - Drops the current UDP packet without removing the flow from the connection table
- UDP::hold - holds back processing of input packets until UDP::release is called
- UDP::local_port - Returns the local UDP port/service number.
- UDP::max_rate - set/get the max tx rate of a UDP connection
- UDP::mss - Returns the on-wire Maximum Segment Size (MSS) for a UDP connection.
- UDP::payload - Returns the content or length of the current UDP payload.
- UDP::release - allows client-side ingress to flow following a call to UDP::hold
- UDP::remote_port - Returns the remote UDP port/service number.
- UDP::respond - Sends data directly to a peer.
- UDP::sendbuffer - set/get the maximum send buffer size of a UDP connection
- UDP::server_port - Returns the UDP port/service number of a server system.
- UDP::unused_port - Returns an unused UDP port for the specified IP tuple.
- uptime - Returns the number of seconds the local GTM has been up.
- URI::basename - Extracts the basename part of a given uri string.
- URI::compare - Compares two URI’s for equality.
- URI::decode - Returns a decoded version of a given URI.
- URI::encode - Returns an encoded version of a given URI.
- URI::host - Returns the host portion of a given URI.
- URI::path - Returns the path portion of the given URI.
- URI::port - Returns the host port from the given URI.
- URI::protocol - Returns the protocol of the given URI.
- URI::query - Returns the query string portion of the given URI or the value of a query string parameter.
- urlcatblindquery - Query the encrypted URL for URL categorization
- urlcatquery - Query the URL for URL categorization
- use - A BIG-IP 4.X statement. provided for backward-compatibility.
- VALIDATE::protocol - allows you to validate payload (traffic) to match given classification application
- virtual - Return the name of the associated virtual server or selects another virtual server.
- vlan_id - Returns the VLAN tag of the packet.
- WAM::disable - Disables Web Accelerator plugin processing on the connection.
- WAM::enable - Disables Web Accelerator plugin processing on the connection
- WEBSSO::disable - Forwards a request without doing SSO processing on it.
- WEBSSO::enable - Causes APM to do the SSO processing on a request.
- WEBSSO::select - Use specified SSO configuration object to do SSO for the HTTP request
- when - Used to specify an event in an iRule.
- whereami - Returns the datacenter name for the local GTM.
- whereis - Returns geographical information on an IP address.
- whoami - Returns the server name for the local GTM.
- wideip - Returns information about the wideIP upon which the request arrived.
- WS::collect - Collects the Websocket frame payload
- WS::disconnect - The Websocket connection is disconnected by sending a close frame to both end-points when the current frame is done
- WS::enabled - used to determine whether the Websocket processing is enabled or disabled for a particular connection
- WS::frame - various websocket frame tasks
- WS::masking - masking options for websocket payload
- WS::message - Drop an entire Websocket message.
- WS::payload - websocket payload manipulation
- WS::release - Releases the data collected via WS::collect
- WS::request - websocket request header access
- WS::response - websocket response header access
- X509::cert_fields - Returns a list of X509 certificate fields to be added to HTTP headers for ModSSL behavior.
- X509::extensions - Returns the X509 extensions set on an X509 certificate.
- X509::hash - Returns the MD5 hash (fingerprint) of an X509 certificate.
- X509::issuer - Returns the issuer of an X509 certificate.
- X509::not_valid_after - Returns the not-valid-after date of an X509 certificate.
- X509::not_valid_before - Returns the not-valid-before date of an X509 certificate.
- X509::serial_number - Returns the serial number of an X509 certificate.
- X509::signature_algorithm - Returns the signature algorithm of an X509 certificate.
- X509::subject - Returns the subject of an X509 certificate.
- X509::subject_public_key - Returns the subject’s public key of an X509 certificate.
- X509::subject_public_key_RSA_bits - Returns the size of the subject’s public RSA key of an X509 certificate.
- X509::subject_public_key_type - Returns the subject’s public key type of an X509 certificate.
- X509::verify_cert_error_string - Returns an X509 certificate error string.
- X509::version - Returns the version number of an X509 certificate.
- X509::whole - Returns an X509 certificate in PEM format.
- XLAT::listen - creates a related ephemeral listener
- XLAT::listen_lifetime - sets/gets the listener lifetime
- XLAT::src_addr - returns the string representation of the source translation address
- XLAT::src_config - returns the source translation configuration as a list
- XLAT::src_endpoint_reservation - create, update, or get reserved entry values
- XLAT::src_nat_valid_range - returns a list of lists containing valid source-translation addresses and port-ranges
- XLAT::src_port - returns the source translation port
- XML::address - Queries the elements of a WS-Addressing header within a SOAP message.
- XML::collect - Collects and parses incoming XML data.
- XML::element - Returns the name of the current in-scope XML element.
- XML::event - Returns the event name of the current context.
- XML::eventid - Returns the key used to register the current XML event.
- XML::parse - Disables all future XML parsing.
- XML::release - Releases the collected XML data.
- XML::soap - Returns information about the current SOAP message.
- XML::subscribe - Subscribes to a specified category of XML events.
Functions¶
- 20linesorless - Colin’s 20 Lines or Less Blog Series
- b64decode - Returns a string that is base-64 decoded
- b64encode - Returns a string that is base-64 encoded. or if an error occurs. an empty string.
- class - Advanced access of classes
- crc32 - Returns the crc32 checksum for the specified string.
- decode_uri - Decodes the specified string using HTTP URI encoding.
- DNS::rrname - Returns the name requested by the client.
- DNS::rrtype - Returns the resource record type requested by the client.
- domain - Parses the specified string as a dotted domain name and returns the last portions of the domain name.
- findclass - Searches a data group list for a member that starts with a specified string and returns the data-group member string.
- findstr - Finds a string within another string and returns the string starting at the offset specified from the match.
- getfield - Splits a string on a character or string. and returns the string corresponding to the specific field.
- matchclass - Performs comparison against the contents of data group.
- md5 - Returns the RSA MD5 Message Digest Algorithm message digest of the specified string.
- Project BAIU - Basic to Advanced IP & UserID Rate Limiter - World first, most advanced IP & UserID rate limiter available
- sha1 - Returns the SHA version 1.0 message digest of the specified string.
- sha256 - Returns the Secure Hash Algorithm (SHA2) 256-bit message digest of the specified string.
- sha384 - Returns the Secure Hash Algorithm (SHA2) 384-bit message digest of the specified string.
- sha512 - Returns the Secure Hash Algorithm (SHA2) 512-bit message digest of the specified string.
- substr - A custom iRule function which returns a substring from a string
- whereis - Returns geographical information on an IP address.
Operators¶
- == - Tests if one token matches another token.
- and - Performs a logical “and” comparison between two values.
- contains - Tests if one string contains another string.
- ends_with - Tests if one string ends with another string.
- equals - Tests if one string equals another string.
- if - Examines the supplied conditional and executes the following code if the result is true.
- matches_glob - Implement glob style matching within a comparison
- matches_regex - Tests if one string matches a regular expression.
- not - Performs a logical “not” on a value.
- or - Performs a logical “or” comparison between two values.
- Project BAIU - Basic to Advanced IP & UserID Rate Limiter - World first, most advanced IP & UserID rate limiter available
- starts_with - Tests if one string starts_with another string
- static - A namespace for creating global variables that hold constant values. in a CMP-compatible fashion
- switch - Evaluates one of several scripts. depending on a given value.
- “tcl operators” - Tests if one token matches another token.
- 20linesorless - Colin’s 20 Lines or Less Blog Series
- contains - Tests if one string contains another string.
- DNS - iRules commands relating to the DNS protocol
The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.