ltm rule
ltm rule(1) BIG-IP TMSH Manual ltm rule(1)
NAME
rule - Configures an iRule for traffic management system configuration.
MODULE
ltm
SYNTAX
Configure the rule component within the ltm module using the syntax
shown in the following sections.
CREATE/MODIFY
create rule [name]
edit rule [name]
modify rule [ [ [name] | [glob] | [regex] ] ... ]
Note: When using tmsh, you can only create iRules using the editor,
which starts when you use the create or edit commands. You cannot
create an iRule directly on the command line. The vim editor applies
the autoindent and smartindent options. You can toggle on/off paste
mode using the F12 key.
Note: You can also edit user metadata associated with an iRule. See the
example section for more information.
DISPLAY
list rule
list rule [ [ [name] | [glob] | [regex] ] ... ]
show running-config rule
show running-config rule [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
show rule
show rule [ [ [name] | [glob] | [regex] ] ... ]
options:
(default | exa | gig | kil | meg | peta | raw | tera | yotta | zetta)
field-fmt
mv rule [ [[source-name] [destination-name]] | [[name] to-folder [folder-name]] | [[name...name] to-folder [folder-name]] ]
options:
to-folder
DELETE
delete rule [name]
GENERATE
generate rule [name]
options:
checksum
signature
HELP help rule help rule [ command | event | namespace ] [name]
DESCRIPTION
You cannot edit the system rules that come with the BIG-IP system.
However, you can open a system rule in the editor and use it as a
template to create a new rule.
To create a new rule using a system rule as a template:
1. Enter the command sequence edit rule [system rule name].
tmsh opens the system rule in an editor.
2. Change the name of the rule in the editor.
3. Edit the rule and exit the editor.
tmsh checks for syntax errors, and if there are none, it saves the
new rule.
For more information about iRules(r), see http://devcentral.f5.com/.
EXAMPLES
list rule
Displays all iRules.
delete rule my_irule
Deletes the iRule named my_irule.
rule my_irule {
when RULE_INIT {
}
priority 1
when SERVER_CONNECTED {
}
timing on
check strict
}
Creates an iRule named my_irule.
generate rule my_irule checksum
Generates a checksum for the rule definition and adds the checksum to
the rule.
generate rule my_irule signature signing-key my_key
Generates a signature for the rule definition using the specified
private key and adds the signature to the rule.
Note: For a rule that includes a checksum or signature to successfully
load, the rule definition contents must match the stored checksum or
signature. To modify the rule definition and still retain the checksum
or signature, the ignore-verification attribute must be set to true.
This is done by editing the rule and adding the ignore-verification
attribute, which allows the modified rule to load and changes the
verification status to Not Verified:
rule my_irule {
when RULE_INIT {}
definition-checksum 7c0dba9aa53e8959042c6cfe041d3d11
ignore-verification true }
Modifies an existing iRule named my_irule by adding a new metadata and
modifying an existing metadata:
modify rule my_irule {
when RULE_INIT {}
definition-checksum 7c0dba9aa53e8959042c6cfe041d3d11
metadata replace-all-with {
my_meta { persist false
value "hello"
}
my_meta2 { persist false
value "hello 2"
}
} }
The metadata attribute is the user defined key/value pair. Metadata has
the following format:
metadata
[add | delete | modify] {
[metadata_name] {
value [ "value content" ]
persist [ true | false ]
} }>
Deletes a metadata from an iRule:
modify rule my_irule {
when RULE_INIT {}
definition-checksum 7c0dba9aa53e8959042c6cfe041d3d11
metadata delete { my_meta } }
mv /ltm rule /Common/my_rule to-folder /Common/some_folder
Moves an iRule named my_rule to the folder named some_folder, where
some_folder has already been created under /Common.
Note: Please note that you may not move an iRule that has an explicit
usage of a configuration object, such as a pool.
OPTIONS
checksum
Generates a checksum for the rule definition and adds the checksum
to the rule. This option is used only with the generate command.
glob Displays the items that match the glob expression. See help glob
for a description of glob expression syntax.
name Specifies a unique name for the component. This option is required
for the create, delete, and modify commands.
regex
Displays the items that match the regular expression. The regular
expression must be preceded by an at sign (@[regular expression])
to indicate that the identifier is a regular expression. See help
regex for a description of regular expression syntax.
signature
Generates a signature for the rule definition using the specified
private key and adds the signature to the rule as a property. This
option is used only with the generate command.
signing-key
Specifies the private key to use for signing the rule. This is
used only with the signature option.
meta-data
Specifies the user-defined key/value pair associated with the
rule. See the example section for usage format.
app-project
Specifies the dev plugin this rule belongs to. This is a read-only
attribute.
SEE ALSO
create, delete, edit, generate, glob, list, modify, mv, regex, show,
tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2012-2013. All rights
reserved.
BIG-IP 2015-10-07 ltm rule(1)