wam policy
wam policy(1) BIG-IP TMSH Manual wam policy(1)
NAME
policy - Configures an acceleration policy for WebAccelerator.
MODULE
wam
SYNTAX
Configure the policy component within the wam module using the syntax
shown in the following sections.
CREATE/MODIFY
create policy [name]
modify policy [name]
options:
app-service [[string] | none]
code [integer]
copy-from [name]
description [string]
nodes [add | delete | modify | replace-all-with] {
[name] {
options:
always-proxy [yes | no]
app-service [[string] | none]
assembly-compression [enable | disable]
assembly-compression-ows [enable | disable]
assembly-concatenation [enable | disable]
assembly-concatenation-sets [string ] ...
assembly-css-inlining [enable | disable]
assembly-css-inlining-urls [string ] ...
assembly-css-reorder [enable | disable]
assembly-css-reorder-cache-size [integer]
assembly-css-reorder-urls [string ] ...
assembly-dns-prefetch [enable | disable]
assembly-dns-prefetch-domain-lists [add | delete | replace-all-with] {
[string] ...
}
assembly-dns-prefetch-https-enable [enable | disable]
assembly-dns-prefetch-https-automatic [enable | disable]
assembly-ibr [enable | disable]
assembly-image-inlining [enable | disable]
assembly-image-inlining-max-size [integer]
assembly-image-inlining-urls [string ] ...
assembly-js-inlining [enable | disable]
assembly-js-inlining-urls [string ] ...
assembly-js-reorder [enable | disable]
assembly-js-reorder-cache-size [integer]
assembly-js-reorder-urls [string ] ...
assembly-intelligent-client-cache [enable | disable]
assembly-icc-force [enable | disable]
assembly-icc-image-max-size [integer]
assembly-icc-css-inlining-max-size [integer]
assembly-icc-js-inlining-max-size [integer]
assembly-icc-max-num-urls [integer]
assembly-icc-min-client-expiry [integer]
assembly-minification [enable | disable]
assembly-multiconnect [enable | disable]
assembly-on-proxies [enable | disable]
assembly-pdf-linearization [enable | disable]
cache-complete-only [enable | disable]
cache-first-hit [yes | no]
cache-mode [memory-and-disk | memory-only]
cache-priority [low | medium | high]
cache-stand-in-period [integer]
code [integer]
coherency [blade | cluster]
defaults-from [name]
description [string]
jpeg-quality-is-relative [yes | no]
jpeg-quality [integer]
jpeg-strip-keeps-copyright [yes | no]
jpeg-strip-exif [no | yes | if-safe | make-safe]
jpeg-sampling factor [preserve | 1x1 | 2x1 | 1x2 | 2x2]
jpeg-progressive-encoding [yes | no]
jpegxr-quality [integer]
lifetime-cache-control-extensions
[add | delete | replace-all-with] {
[string] ...
}
lifetime-cache-control-extensions none
lifetime-cache-max-age [integer]
lifetime-honor-ows [yes | no]
lifetime-honor-ows-values
[add | delete | replace-all-with] {
[all-values | no-cache | no-store | no-transform |
max-age | must-revalidate | private | proxy-revalidate |
s-maxage] ...
}
lifetime-honor-ows-values none
lifetime-honor-request [yes | no]
lifetime-honor-request-values
[add | delete | replace-all-with] {
[all-values | no-cache | no-store | no-transform |
max-age | max-stale | min-fresh] ...
}
lifetime-honor-request-values none
lifetime-http-heuristic [percentage]
lifetime-insert-no-cache [yes | no]
lifetime-preserve-response [yes | no]
lifetime-preserve-response-values
[add | delete | replace-all-with] {
[all-values | no-cache | no-store | no-transform |
max-age | must-revalidate | private | proxy-revalidate |
s-maxage | custom-extension] ...
}
lifetime-preserve-response-values none
lifetime-response-max-age [integer]
lifetime-response-s-maxage [integer]
lifetime-stand-in-codes
[add | delete | replace-all-with] {
[HTTP response code] ...
}
lifetime-stand-in-codes none
lifetime-use-heuristic [yes | no]
object-max-size [integer | from-profile]
object-min-size [integer | from-profile]
optimize-for-client [yes | no]
options { [hidden | nodelete | nowrite] ...}
order [integer]
response-codes-cached
[add | delete | replace-all-with] {
[HTTP response code] ...
}
viewstate-cache [yes | no]
viewstate-cache-size [integer]
viewstate-tag [string]
video-optimization-fast-start [enable | disable]
video-optimization-max-bitrate [integer]
video-optimization-insert-ad [enable | disable]
video-optimization-preroll-ad [enable | disable]
video-optimization-ad-frequency [integer]
video-acceleration-ad-policy [string]
webp-quality [integer]
matching [add | modify | delete | replace-all-with] {
[host | path | extension | method:[name] |
query-param:[name] | unnamed-query-param:[name] |
path-segment:[name] | cookie:[name] |
user-agent | referrer | protocol | header:[name] |
client-ip | content-type] {
options:
app-service [[string] | none]
arg-alias [string]
arg-direction [left-to-right | right-to-left]
arg-name [string]
arg-ordinal [number]
description [string]
value-case-sensitive [yes | no]
values [add | modify | delete | replace-all-with] {
[ [regex] | [string] ] {
options:
app-service [[string] | none]
can-be-empty [yes | no]
can-be-missing [yes | no]
invert-match [yes | no]
}
}
values none
}
}
matching none
optimize-image [none | to-jpeg | to-gif | to-png | to-tiff]
png-256-colors [yes | no]
request-queueing [enable | disable]
variation [add | modify | delete | replace-all-with] {
[host | extension | method:[string] |
query-param:[name] | unnamed-query-param:[name] |
path-segment:[name] | cookie:[name] |
user-agent | referrer | protocol | header:[name] |
client-ip ] {
options:
app-service [[string] | none]
arg-alias [string]
arg-all [yes | no]
arg-ambiguous-as-unnamed [yes | no]
arg-direction [left-to-right | right-to-left]
arg-name [string]
arg-ordinal [number]
description [string]
value-case-sensitive [yes | no]
values [add | modify | delete | replace-all-with] {
[ [regex] | [string] ] {
options:
app-service [[string] | none]
cache-as [same | different]
can-be-empty [yes | no]
can-be-missing [yes | no]
invert-match [yes | no]
match-all [yes | no]
}
}
values none
}
}
variation none
[ proxy | proxy-override ]
[add | modify | delete | replace-all-with] {
[host | extension | method:[name] |
query-param:[name] | unnamed-query-param:[name] |
path-segment:[name] | cookie:[name] |
user-agent | referrer | protocol | header:[name] |
client-ip] {
options:
app-service [[string] | none]
arg-alias [string]
arg-direction [left-to-right | right-to-left]
arg-name [string]
arg-ordinal [number]
description [string]
value-case-sensitive [yes | no]
values [add | modify | delete | replace-all-with] {
[ [regex] | [string] ] {
options:
app-service [[string] | none]
can-be-empty [yes | no]
can-be-missing [yes | no]
invert-match [yes | no]
}
}
values none
}
}
[ proxy | proxy-override ] none
substitutions [add | modify | delete | replace-all-with] {
[name] {
options:
app-service [[string] | none]
description [string]
dst-alias [string]
dst-direction [left-to-right | right-to-left]
dst-name [string]
dst-ordinal [number]
dst-type [query-param | unnamed-query-param | path-segment]
dst-urls [add | delete | replace-all-with] {
[URI] ...
}
dst-urls none
src-alias [string]
src-direction [left-to-right | right-to-left]
src-name [string]
src-ordinal [number]
src-type
[ randomizer | request-url | query-param |
unnamed-query-param | path-segment ]
src-url [absolute | relative]
}
}
substitutions none
invalidations [add | modify | delete | replace-all-with] {
[name] {
options:
active [yes | no]
app-service [[string] | none]
broadcast [no | yes]
description [string]
cache-content [add | modify | delete | replace-all-with] {
[host | path | extension | method:[name] |
query-param:[name] | unnamed-query-param:[name] |
path-segment:[name] | cookie:[name] |
user-agent | referrer | protocol | header:[name] |
client-ip] {
options:
app-service [[string] | none]
arg-alias [string]
arg-direction [left-to-right | right-to-left]
arg-name [string]
arg-ordinal [number]
description [string]
value-case-sensitive [yes | no]
request-data-alias [string]
request-data-direction [left-to-right | right-to-left]
request-data-name [string]
request-data-ordinal [number]
request-data-type
[ host | path | extension | method |
query-param | unnamed-query-param |
path-segment | cookie | user-agent |
referrer | protocol | header |
client-ip ]
values [add | modify | delete | replace-all-with] {
[ [regex] | [string] ] {
options:
app-service [[string] | none]
can-be-empty [yes | no]
can-be-missing [yes | no]
invert-match [yes | no]
}
}
values none
}
}
}
}
}
partition [name]
publish-build [integer]
publish-comment [string]
published-on [date]
Note: Policies can be created only in the Drafts folder. This is
required to support publishing functionality. You may create multiple
Drafts folders, one for each folder where published policies are going
to reside.
DISPLAY
list policy [name ...]
show running-config policy [name ...]
options:
all-properties
non-default-properties
partition
predefined
state
DELETE
delete policy [name ...]
SAVE/LOAD
save policy [name]
load policy [name]
options:
overwrite
file [filename]
PUBLISH
publish policy [name]
options:
publish-comment [string]
publish-build [integer]
Note: Published policies can be deleted, but cannot be modified. The
only way to update a published policy is to edit and then publish its
development version.
DESCRIPTION
You can use the policy component to manage WebAccelerator acceleration
policies. An acceleration policy is a collection of defined rule
parameters that dictate how the WebAccelerator system handles HTTP
requests and responses. The WebAccelerator system uses two types of
rules to manage content: matching rules and acceleration rules.
Matching rules are used to classify requests by object type and match
the request to a specific acceleration policy. Once matched to an
acceleration policy, the WebAccelerator system applies the associated
acceleration rules to manage the requests and responses. There are
multiple types of acceleration rules: variation, proxy, proxy override,
parameter value substitution, and invalidation. The WebAccelerator
system ships with several predefined acceleration policies that are
optimized for specific Web applications, in addition to several non-
application specific policies for general delivery and one for an
optional symmetric deployment.
EXAMPLES
Note: For the following examples, the current folder is assumed to be
set to /Common.
create policy "Drafts/My Policy"
Creates a new empty policy named My Policy in the folder
/Common/Drafts.
create policy "Drafts/My Policy" copy-from "/Common/Generic Policy -
Complete"
Creates a new policy My Policy in the folder /Common/Drafts by copying
standard system policy /Common/Generic Policy - Complete.
modify policy "Drafts/My Policy" copy-from "/Common/Generic Policy -
Complete"
Modifies the policy My Policy by overwriting it with standard system
policy /Common/Generic Policy - Complete.
modify policy "Drafts/My Policy" nodes add { "My Node" { default-from
Site }}
Adds a new node My Node as the child node of the node Site.
modify policy "Drafts/My Policy" nodes modify { "My Node" { matching
add { content-type { values add { pages.other }}}}}
Adds a new matching rule into the node My Node. The rule will match
content type of the requests to WAM object type pages.other.
publish policy "Drafts/My Policy" publish-comment "Added new node My
Node"
Publishes the policy My Policy.
modify policy "Drafts/My Policy" nodes delete { "My Node" }
Deletes the node My Node from the policy My Policy.
delete policy "My Policy"
Deletes the policy My Policy.
save policy "My Policy" file policy.txt
Saves the policy My Policy into the file /var/local/wam/policy.txt.
load policy "Drafts/My Policy" overwrite file /tmp/policy.txt
Loads the policy My Policy from the file /tmp/policy.txt and overwrites
the policy if it already exists.
POLICY OPTIONS
app-service
Specifies the name of the application service to which the object
belongs. The default value is none. Note: If the strict-updates
option is enabled on the application service that owns the object,
you cannot modify or delete the object. Only the application
service can modify or delete the object.
code Specifies a numeric non-zero code of the policy that is used for
troubleshooting and performance reporting. Each policy must have a
unique code. If not supplied, it will be generated by the system.
Use the keyword generate to specify that the system generate a new
unique code.
copy-from
Specifies the name of an existing policy from which to copy all
configuration options. If this field is used in the modify
command, the configuration options of the existing policy will be
replaced with the new ones. The code, state, publish-build,
publish-comment, and published-at options are not updated.
description
User defined description of a policy.
nodes
Specifies the collection of policy nodes. Matching rules and
acceleration rules for acceleration policies are organized on the
Policy Tree, which consists of nodes. The structure of the Policy
Tree supports a parent-child relationship. This enables you to
easily randomize rules. That is, because a leaf node in a Policy
Tree inherits all the rules from its root node and branch node,
you can quickly create multiple leaf nodes that contain the same
rule parameters by creating a branch with multiple leaf nodes. If
you override or create new rules at the branch node level, the
WebAccelerator system reproduces those changes to the associated
leaf nodes.
partition
Displays the administrative partition within which the policy
resides.
publish-build
Specifies the policy build version that was used during policy
publishing. If not specified, this number is automatically
incremented by the WebAccelerator system.
publish-comment
Specifies the user supplied comment that describes the changes in
the policy that is being published.
published-on
Specifies the date and time when this policy was last published.
file Specifies the file name where the policy is going to be saved or
loaded from. If a full path is not specified, it is set to
/var/local/wam directory.
overwrite
Specifies that the policy file for the save command or the policy
component for the load command can be overwritten if it exists.
NODE OPTIONS
always-proxy
Specifies that all requests matching this node must be proxied. If
it enabled, proxy rules are not used, even if configured. proxy-
override rules still apply.
app-service
Specifies the name of the application service to which this node
belongs. The default value is none. Note: If the strict-updates
option is enabled on the application service that owns the object,
you cannot modify or delete this node. Only the application
service can modify or delete this node.
assembly-compression
Specifies, when enabled, that the WebAccelerator system compresses
content for responses, using gzip-encoding. Note that to use this
feature, you must set the compress value for the response's object
type in the corresponding object-type component, and the client
must be able to accept gzip-encoded content. The default value is
enabled.
assembly-compression-ows
Specifies, when enabled, that the WebAccelerator system requests
gzip-encoded or deflate-encoded content from the origin Web
server. Note that the origin Web server will comply only if it
supports compression, otherwise it will reply with uncompressed
content. The default value is disabled.
assembly-concatenation
Specifies, when enabled, that the WebAccelerator system will
perform JavaScript/CSS concatenation in HTML documents. The URLs
that may be concatenated are specified using the assembly-
concatenation-sets option. See the WebAccelerator documentation
for more details. The default value is disabled.
assembly-concatenation-sets
Specifies the concatenation sets that are active for this node. If
a URL in the HTML document that belongs to one of the enabled sets
is found, it will transformed with concatenation using the URL of
the configured set. This is an ordered set, and if the URL exists
in multiple active concatenation sets, the first set specified by
this option will be used. See the WebAccelerator documentation for
more details.
assembly-css-inlining
Specifies, when enabled, that the WebAccelerator system will
inline CSS URLs in HTML documents. The CSS URLs that may be
inlined are specified using the assembly-css-inlining-urls option.
See the WebAccelerator documentation for more details. The default
value is disabled.
assembly-css-inlining-urls
Specifies the CSS URLs that may be inlined.
assembly-css-reorder
Specifies, when enabled, that the WebAccelerator system will
reorder CSS URLs to the HEAD section of HTML documents. The CSS
URLs that may be reordered are specified using the assembly-css-
reorder-urls option. See the WebAccelerator documentation for more
details. The default value is disabled.
assembly-css-reorder-cache-size
Specifies the size of the intermediate cache used to store CSS
URLs being reordered. Increasing the size of this cache allows
more CSS URLs to be reordered. The default value is 8kB. The
maximum value is 8kB.
assembly-css-reorder-urls
Specifies the CSS URLs that may be reordered. The URLs must be
fully-qualified and whitespace used to separate URLs. The URLs
must correspond to WebAccelerator URL resources created by the
command create wam resource url. See the help for wam resource
url.
assembly-dns-prefetch
Specifies, when enabled, that the WebAccelerator system
manipulates an HTML document to add DNS prefetch tags at the end
of the head. The DNS prefetch tags added are the combined list of
domain lists specified in assembly-dns-prefetch-domain-lists. DNS
prefetch tags will not be inserted in the following conditions:
when DNS prefetching is explicitly disabled in the document,
either by an HTTP header or by a meta-tag in the head of the HTML
document; when the connection is served over HTTPS without
assembly-dns-prefetch-https-enable enabled; or when the connection
is to a client browser that does not support DNS prefetching.
In a document, most browsers will perform DNS prefetching on all
domains linked with an HREF. This will speed up performance by
having the browser cache possible DNS resolutions before a client
clicks on a link, but DNS prefetching cannot automatically occur
when a link is created through other means (such as javascript).
Inserting DNS prefetch tags addresses this issue.
The default value is disabled.
assembly-dns-prefetch-domain-lists
Specifies the lists of domains that will be inserted into a
document. The domain lists must correspond to WebAccelerator
domain list resources created by the command create wam resource
domain-list. See the help for wam resource domain-list.
assembly-dns-prefetch-https-enable
Specifies, when enabled, that the WebAccelerator system
manipulates an HTML document to add DNS prefetch tags at the end
of the head when a document is served over HTTPS when the client
browser supports DNS prefetching. By default, most browsers that
support DNS prefetching will not do any DNS prefetching on pages
served over HTTPS. Enabling assembly-dns-prefetch-https-enable
will insert a meta-header that will turn on DNS prefetching on the
page and a meta-header turning of DNS prefetching for the rest of
the page. DNS prefetching cannot be turned on for the rest of an
HTML document once the meta-header turning of DNS prefetching is
reached.
DNS prefetching is turned off on most browsers serving pages over
HTTPS by default as a security measure. DNS prefetching can be
used to track which pages are seen over HTTPS by watching the
domain resolution requests sent out by the client. According to
DNS prefetch standards currently, turning on DNS prefetching on a
page will cause all links in the page to have their domains
prefetched. This is mitigated by this option with the insertion of
an HTTP meta-header turning off DNS prefetching after the DNS tags
inserted by the WebAccelerator system. Turning on DNS prefetching
for the rest of the page in a request served over HTTPS can be
done with the assembly-dns-prefetch-https-automatic option.
The default value is disabled.
assembly-dns-prefetch-https-automatic
Specifies, when enabled, that the WebAccelerator system will not
insert a meta-tag into an HTML document served over HTTPS turning
off DNS prefetching for the rest of a page. By default, most
browsers that support DNS prefetching will not do any DNS
prefetching on pages served over HTTPS. assembly-dns-prefetch-
https-enable must be enabled for this option to work.
The default value is disabled.
assembly-ibr
Specifies, when enabled, that the WebAccelerator system
manipulates the Web browser cache to reduce requests to your site
for relatively static content, such as images and style sheet
(CSS) files. The default value is enabled.
assembly-image-inlining
Specifies, when enabled, that the WebAccelerator system will
inline image URLs in CSS documents. The image URLs that may be
inlined are specified using the assembly-image-inlining-urls
option. See the WebAccelerator documentation for more details. The
default value is disabled.
assembly-image-inlining-max-size
Specifies the maximum size of the image that is allowed to be
inlined. The default value is 2kB. The maximum value is 8kB.
assembly-image-inlining-urls
Specifies the image URLs that may be inlined.
assembly-js-inlining
Specifies, when enabled, that the WebAccelerator system will
inline JS URLs in HTML documents. The JS URLs that may be inlined
are specified using the assembly-js-inlining-urls option. See the
WebAccelerator documentation for more details. The default value
is disabled.
assembly-js-inlining-urls
Specifies the JS URLs that may be inlined.
assembly-js-reorder
Specifies, when enabled, that the WebAccelerator system will
reorder JavaScript URLs to the end of HTML documents. The
JavaScript URLs that may be reordered are specified using the
assembly-js-reorder-urls option. See the WebAccelerator
documentation for more details. The default value is disabled.
assembly-js-reorder-cache-size
Specifies the size of the intermediate cache used to store
JavaScript URLs being reordered. Increasing the size of this cache
allows more JavaScript URLs to be reordered. The default value is
8kB. The maximum value is 8kB.
assembly-js-reorder-urls
Specifies the JavaScript URLs that may be reordered. The URLs must
be fully-qualified and whitespace used to separate URLs. The URLs
must correspond to WebAccelerator URL resources created by the
command create wam resource url. See the help for wam resource
url.
assembly-intelligent-client-cache
Specifies, when enabled, that the WebAccelerator system will
Intelligent Client Cache HTML documents. See the WebAccelerator
documentation for more details. The default value is disabled.
assembly-icc-force
Specifies, when enabled, that the WebAccelerator system will
Intelligent Client Cache HTML documents, even if the client does
not support HTML5 localstorage. See the WebAccelerator
documentation for more details. The default value is disabled.
assembly-icc-image-max-size
Specifies the maximum size of the image that is allowed to be
inlined as part of Intelligent Client Caching. The default value
is 32kB. The maximum value is 50kB.
assembly-icc-css-max-size
Specifies the maximum size of the CSS that is allowed to be
inlined as part of Intelligent Client Caching. The default value
is 50kB. The maximum value is 1024kB.
assembly-icc-js-max-size
Specifies the maximum size of the JS that is allowed to be inlined
as part of Intelligent Client Caching. The default value is 50kB.
The maximum value is 1024kB.
assembly-icc-max-num-urls
Specifies the maximum number of links in an HTML document that are
allowed to be inlined as part of Intelligent Client Caching. The
default value is 10. The maximum value is 100.
assembly-icc-min-client-expiry
Specifies the minimum client expiry of a resource that is allowed
to be inlined as part of Intelligent Client Caching. The default
value is 2days.
assembly-minification
Specifies, when enabled, that the WebAccelerator system will
minify JavaScript and CSS.
assembly-multiconnect
Specifies, when enabled, that the WebAccelerator system modifies
embedded URLs with unique sub-domains that prompt the browser to
open more persistent connections for each supported protocol (HTTP
or HTTPS). To use this feature, you must configure DNS with the
additional domains and map those domains to the same IP address as
the base origin server. The default value is enabled.
assembly-on-proxies
Specifies, when enabled, that the WebAccelerator system applies
the Content Compression and Intelligent Browser Referencing
features (if enabled) to content served to clients, even if the
content is not served from the WebAccelerator system's cache.
Enable this option if you are using the Content Compression or
Intelligent Browser Referencing features. The default value is
enabled.
assembly-pdf-linearization
Specifies, when enabled, that the WebAccelerator system applies
linearization on PDF documents, if the documents match the node
matching rules. PDF linearization transforms the document to
include the index of the pages in the beginning. This allows Web
browsers to load and show specific pages rather than a whole
document. See the WebAccelerator documentation for more details.
The default value is disabled.
optimize-image
Specifies whether image optimization should be applied and the
format conversion to use. Each of the 4 supported formats (JPEG,
PNG, GIF, TIFF) can be converted to any of the others. Images
using a capability unique to one format may lose that feature when
converted to a format that does not support it. (For example,
animated GIFs or multipage-TIFFs will have only the first image
when converted to PNG or JPEG). Transparency will be lost when
converting from GIF or PNG to JPEG. TIFF is a container for many
different image formats so the results will be best-effort and may
not list completely.
A converted image will likely have a different number of bytes
after conversion. Some conversions are likely to produce fewer
bytes; however, a requested conversion will be done even if it
results in more bytes (for consistency). For example, you may want
to offer multiple formats of an image without storing them all on
a server.
A correct Content-Type header will be generated for converted
images, but HTML files will not be rewritten.
optimize-for-client Specifies whether to allow conversion to a format
and/or size which is optimum for the specific client making the request
but which, if saved by that client and later sent elsewhere, might not
be appropriate.
webp-quality WebP is a "lossy" compression format. This means when you
convert an image to a WebP and then convert it back, you will not get
back exactly the same image you started with. Compression changes the
amount of information stored (and therefore the number of bytes), but
not the image dimensions (the number of pixels). The webp-quality
attribute represents the absolute quality of the WebP produced.
Compression (quality) is represented as a number between 1-100 where 1
is minimal quality, but small, and 100 is high-quality, but large. For
most images, useful values of quality will be from about 30-70.
jpegxr-quality JPEG-XR is a "lossy" compression format. This means when
you convert an image to a JPEG-XR and then convert it back, you will
not get back exactly the same image you started with. Compression
changes the amount of information stored (and therefore the number of
bytes), but not the image dimensions (the number of pixels). The
jpegxr-quality attribute represents the absolute quality of the JPEG-XR
produced. Compression (quality) is represented as a number between
1-100 where 1 is minimal quality, but small, and 100 is high-quality,
but large. For most images, useful values of quality will be from about
5-30.
jpeg-quality-is-relative =item jpeg-quality
JPEG is a "lossy" compression format. This means when you convert
an image to a JPEG and then convert it back, you will not get back
exactly the same image you started with. Compression changes the
amount of information stored (and therefore the number of bytes),
but not the image dimensions (the number of pixels). When jpeg-
quality-is-relative is set to no, the jpeg-quality attribute
represents the absolute quality of the JPEG produced. Compression
(quality) is represented as a number between 1-100 where 1 is
minimal quality, but small, and 100 is high-quality, but large.
For most images, useful values of quality will be from about
30-100. Because information once lost cannot be regained,
converting a low-quality JPEG to a higher quality is pointless and
image optimization will prevent that (by not changing the original
to a higher JPEG quality).
You might be unable to choose a specific absolute quality for JPEG
images. When jpeg-quality-is-relative is set to yes, the relative
JPEG quality setting is enabled. In this case, jpeg-quality is a
percentage (a number between 1-100) that when multiplied by each
JPEG's original quality, becomes its optimized quality.
jpeg-strip-exif
JPEG files have a header (called EXIF) that contains optional data
such as a date, time, camera model, exposure settings, and so on.
The EXIF header can also contain a color profile, which is
required when included. EXIF headers can be small or large. Unless
they contain a color profile, they do not affect displaying the
image, and so can be removed if the loss of the information they
contain is acceptable. There are four options for this setting:
no Leaves any EXIF headers alone.
yes Always strips EXIF headers.
if-safe
Only strips EXIF headers if they do not have color profiles
(ensures that images display properly).
make-safe
Applies the color profile and then strips the EXIF header
(typically decreases image file size). Applying a color
profile requires additional CPU time.
jpeg-strip-keeps-copyright This setting affects the meaning of jpeg-
strip-exif. If it is set, stripping the EXIF header will strip
everything except the Copyright notice (if one is present).
jpeg-sampling-factor
Sets the sampling factor to be used when producing JPEG images.
The default value is preserve, which matches the original file.
You can also explicitly specify this option, as it can sometimes
improve compression.
jpeg-progressive-encoding
When enabled, progressive encoding will be used in JPEG images.
For large JPEG files, this can improve compression. When this is
enabled, it will be applied only if the file is large enough to
improve compression.
png-256-colors
It is often possible to significantly reduce the size of PNG files
without changing their appearance very much by reducing the number
of colors to 256 optimally selected values. This optimization is
enabled when png-256-colors is set to yes.
cache-complete-only
Specifies, when enabled, that the WebAccelerator system caches
HTML pages only if the HTML code within the page contains begin
and end tags. When disabled, the WebAccelerator system reviews
HTTP response headers to determine if the information contained on
the page is complete. The default value is enabled.
cache-first-hit
Specifies that the first response should be cached according to
the policy caching settings. When this is off, the response is
cached when more than one request for the document has been seen.
Turning this on can reduce cache churn for unpopular documents.
The default value is no.
cache-mode
Specifies how where the cached documents will be stored. The
default value is memory-and-disk. Possible values are:
memory-and-disk
The cached documents will be stored in memory or on disk.
memory-only
The cached documents will be stored in memory only.
cache-priority
Specifies the cache admission priority of documents matching the
policy node. Documents with high priority are more likely to be
admitted into the cache. The default value is medium. Possible
values are:
low Documents will have low priority.
medium
Documents will have medium priority.
high Documents will have high priority.
cache-stand-in-period
Specifies the amount of time that the WebAccelerator system
continues to serve content from cache if the origin Web server
does not respond to the WebAccelerator system's requests for fresh
content. The default value is 0 (zero), which means the
WebAccelerator system responds to requests for expired content
with a HTTP 404 error.
code Specifies a numeric non-zero code for the node that is used for
troubleshooting and performance reporting. All nodes must have
unique codes within the policy. If not supplied, the code will be
generated by the system. Use the keyword generate to specify that
the system generate a new unique code.
coherency
Specifies if the WebAccelerator system will attempt to keep
content matching the associated node in sync across the blades of
a cluster. The default behavior is to keep content in sync.
blade
The cached documents will not be kept coherent across blades.
This causes each blade to have its own copy of a given cached
document.
cluster
The cached documents will be kept coherent across blades.
This causes the cluster to have single version of a given
cached document.
defaults-from
Specifies the node that you want to use as the parent node. Your
new node inherits all options and values from the parent node
specified. The default value is none, which means this is a root
node.
description
User defined description of a node.
invalidations
Specifies the collection of invalidations rules. Invalidations
rules enable you to expire cached content before it has reached
its time-to-live (TTL) value. This is useful when content updates
are event-driven, such as when an item is added to a shopping
cart, a request contains a new auction bid, or a poster has
submitted content on a forum thread. Invalidations rules can be
created only on leaf nodes.
lifetime-cache-control-extensions
Enables you to configure extension tokens to be added to the
cache-control header of HTTP response. The WebAccelerator system
does not process any of these extensions. It is possible that the
origin Web server will send cache-control extensions as well. You
can choose whether to preserve them by including the custom-
extension in the lifetime-preserve-response-values list.
lifetime-cache-max-age
Specifies the amount of time that the WebAccelerator system serves
content from the cache before requesting fresh content from the
origin Web server. The default value is 4 hours.
lifetime-honor-ows
Specifies, if enabled, that the WebAccelerator system honors
certain cache-control directives from the origin Web server
response to determine cache lifetime. The default value is
disabled.
lifetime-honor-ows-values
Specifies which Cache-Control directive from the origin Web server
response will determine cache lifetime. Available directives are
all-values, private, no-cache, no-store, must-revalidate, proxy-
revalidate, max-age, s-maxage, and expires. This option is only
effective if lifetime-honor-ows is enabled.
lifetime-honor-request
Specifies, if enabled, that the WebAccelerator system honors
certain Cache-Control directives from the client's browser request
to determine cache lifetime. The default value is enabled.
lifetime-honor-request-values
Specifies which cache-control directive from client's browser
request will determine cache lifetime. Available directives are
all-values, no-cache, no-store, max-age, max-stale, and min-fresh.
This option is only effective if lifetime-honor-request is
enabled. The default values are max-age, max-stale, and min-fresh.
lifetime-http-heuristic
Specifies the percentage, based on the HTTP Last-Modified header,
that the WebAccelerator system uses to compute TTL values for
cached content. For example, if content was modified 30 days ago
and the lifetime-http-heuristic option is set to 50%, the
WebAccelerator system caches the content for 15 days. This option
is applicable only if you use the HTTP Last-Modified headers to
identify content lifetime. The default value is 50%. This option
is effective only if lifetime-use-heuristic is enabled.
lifetime-insert-no-cache
Specifies, when enabled, that the WebAccelerator system inserts a
no-cache directive into the HTTP Cache-Control header, which stops
the client's browser from locally caching content. This value
overrides the HTTP Cache-Control header cache directives sent to
the client by the origin Web server.
lifetime-preserve-response
Specifies, if enabled, that the WebAccelerator system preserves
certain Cache-Control directives from the origin Web server and
includes them into client's browser response. The default value is
enabled.
lifetime-preserve-response-values
Specifies which Cache-Control directive from the origin web server
response will be preserved in response to the client's web
browser. Available directives are all-values, private, no-cache,
no-store, must-revalidate, proxy-revalidate, max-age, s-maxage,
expires, and custom-extension. This option is only effective if
lifetime-preserve-response is enabled. The default value is all-
values.
lifetime-response-max-age
Specifies, when enabled, the amount of time that the client's
browser should locally store content. This value overrides the
max-age and expires the directives in the HTTP Cache-Control
header that are sent to the client by the origin web server, only
if the new value for the max-age is greater than the value
supplied by the origin web server. Modify this value only if there
is an acceptable trade off between the freshness of the content
served to clients and overall site performance.
lifetime-response-s-maxage
Specifies, when enabled, the amount of time that the client's
browser should locally store shared content. This value overrides
the s-maxage and expires the directives in the HTTP Cache-Control
header that are sent to the client by the origin web server, only
if the new value for the s-maxage is greater than the value
supplied by the origin web server. Modify this value only if there
is an acceptable trade off between the freshness of the shared
content served to clients and overall site performance.
lifetime-stand-in-codes
Specifies that the WebAccelerator system is allowed to serve stale
content from the cache if it is not able to re-validate its
freshness with the origin web server. The WebAccelerator system
serves invalid content to the downstream proxies or clients if the
response code from the origin web server matches one of codes
specified with this option. This option is effective only if
cache-stand-in-period has a non-zero value. The default values are
404, 500, and 504.
lifetime-use-heuristic
Specifies, when enabled, that the WebAccelerator system uses the
percentage from lifetime-use-heuristic option to compute TTL
values for cached content. The default value is no.
matching
Specifies the collection of matching rules. The rules consist of
the HTTP request data type parameters that the WebAccelerator
system uses to match an incoming HTTP request to a specified node.
The following types of HTTP parameters are available for matching
rules: host, path, extension, query-param, unnamed-query-param,
path-segment, cookie, user-agent, referrer, protocol, method,
header, client-ip, and content-type.
object-min-size
Specifies the minimum object size required in order for content
matching the associated node to eligible for caching. The default
behavior is to use the minimum object size specified by the
associated web-acceleration profile.
object-max-size
Specifies the maximum object size allowed for content matching the
associated node in order to eligible for caching. The default
behavior is to use the maximum object size specified by the
associated web-acceleration profile.
order
Specifies the order of the node in the Policy Tree. All nodes in
the policy must have an order. The order numbers are sequential,
staring from 2. Orders 0 and 1 are reserved for internal use. The
child node orders must be greater than the order of their parent
node. You can change the order of the nodes by updating the order
option of the node that you would like to move. The system honors
the specified order if it falls within the range of sibling node
orders. Otherwise, the system picks the closest valid order
number. The remaining nodes are automatically re-ordered to free
requested order number. The node order is also used as a last
resort to determine which node to use when multiple nodes match
the request. The node with a lower order wins. New nodes have
their order assigned automatically to make them last among their
siblings.
proxy
Specifies the collection of proxy rules. In general, proxy rules
options are relevant to only requests that match their node,
rather than to matched responses. The following types of HTTP
parameters are available for proxy rules: host, query-param,
unnamed-query-param, path-segment, cookie, user-agent, referrer,
protocol, method, header, and client-ip.
proxy-override
Specifies the collection of proxy override rules. You can define
proxy override rules and associated conditions under which the
WebAccelerator system should ignore proxying rules options. The
following types of HTTP parameters are available for proxy
override rules: host, query-param, unnamed-query-param, path-
segment, cookie, user-agent, referrer, protocol, method, header,
and client-ip.
request-queueing
Specifies, when enabled, that the WebAccelerator system will queue
requests for expired or new documents and proxy fewer requests to
the origin web server (OWS). If the response is cachable, the
response will be served to all waiting requests; if not, the
waiting requests will proxy normally.
response-codes-cached
Specifies the collection of HTTP response codes that determine
whether the WebAccelerator system should cache the content. The
valid codes are 300, 301, 302, 307, and 410. The codes 200, 201,
203, and 207 are included into the list implicitly. The default
values are 300 and 301.
substitutions
Specifies the collection of parameter value substitution rules.
Some requested pages include hyperlinks that require that specific
information appear in the response. You can configure parameter
value substitution so that when a query parameter contains
identification information for a sites visitors, it prompts the
WebAccelerator system to serve different content for the request,
based on the specific visitor. Conversely, if parameter value
substitution is not configured, the WebAccelerator system uses the
value that it cached for the original request, for all subsequent
requests after the first, even if the subsequent requests have
different values that should be used in the response.
If you configure parameter value substitution, the WebAccelerator
system changes the targeted parameters value on the page served
from the cache, so that the parameter you specify appears on the
URL embedded in that page.
variation
Specifies the collection of variation rules. When the
WebAccelerator system caches responses from the origin web server,
it uses certain HTTP request parameters to create a Unique Content
Identifier (UCI). The WebAccelerator system stores the UCI in the
form of a compiled response and uses the UCI to easily match
future requests to the correct content in its cache. You can
configure variation rules to add or modify the parameters on which
the WebAccelerator system bases its caching process. If the
WebAccelerator system receives two requests that are identical
except for the value of a query parameter defined in the variation
rule, it creates a different UCI for each, and caches each
response under its unique UCI. The following types of HTTP
parameters are available for variation rules: host, query-param,
unnamed-query-param, path-segment, cookie, user-agent, referrer,
protocol, method, header, and client-ip.
viewstate-cache
Specifies, when enabled, that the WebAccelerator system
accelerates requests and responses for Web form objects that are
generated by ASP.NET web applications. Because the file size of
forms can be significant, the WebAccelerator system is able to
cache and substitute values, thus reducing the file size and
achieving faster performance.
viewstate-cache-size
Specifies the size of the ViewState object cache in kilobytes. The
default value is 100 kilobytes.
viewstate-tag
Specifies the name of the web form field where the ViewState
object is stored. The default value is __VIEWSTATE.
video-optimization-fast-start
Specifies when enabled, that the WebAccelerator system optimizes
video by prefetching.
video-optimization-max-bitrate
Specifies, the maximum bitrate of video that can be allowed in
kilobits per sec. The default value is 0.
video-optimization-insert-ad
Specifies, when enabled, that the WebAccelerator system can insert
ad into the video.
video-optimization-preroll-ad
Specifies, when enabled, that the WebAccelerator system can insert
ad at the beginning of the video.
video-optimization-ad-frequency
Specifies the frequency of ad insertion. Units in seconds.
video-optimization-ad-policy
Specifies the ad policy applicable when processing the video.
type Displays the node type. The possible types are:
branch
The branch nodes exist only for the purpose of propagating
rule parameters to leaf nodes. The WebAccelerator system does
not perform matching against branch nodes. Branch nodes can
have multiple leaf (child) nodes, as well as child branch
nodes.
leaf A leaf node inherits rule parameters from its parent branch
node. The WebAccelerator system performs matching only
against leaf nodes, and then applies the leaf nodes
corresponding acceleration rules to the request.
HTTP PARAMETERS
Both matching and acceleration rules are identified by the type, and
optionally, by the name of HTTP parameters that are used inside the
rules. The following types of HTTP parameters are available:
content-type
A rule that uses the content-type parameter is based on type
definitions in the object-type components. Unlike the HTTP request
data types, a matching rule based on content type is specific to
the content type parameter that the WebAccelerator system
generates for a response. You specify the regular expression that
you want a response's content type to match.
client-ip
A rule that uses the client IP parameter is based on the IP
address of the client making the request. The IP address, however,
may not always be the address of the client that originated the
request. For example, if the client goes through a proxy server,
the IP address is the IP address of the proxy server, rather than
the client IP address that originated the request. If several
clients use a specific proxy server, they all appear to come from
the same IP address.
cookie:[name]
A rule that uses the cookie parameter is based on a particular
cookie that you identify by name, and for which you provide a
value to match against. This value is usually literal and must
appear on the cookie in the request or in a regular expression
that matches the request's cookie that appears on the cookie HTTP
request headers. These are the same names you use to set the
cookies, using the HTTP Set-Cookie response headers. The HTTP
request can contain multiple cookies, and the rule identifier must
include the name of the cookie separated with colon (:).
extension
A rule that uses the extension parameter is based on the value
that follows the far-right period, in the far-right segment key of
the URL path.
header:[name]
A rule that uses the header parameter is based on a particular
header that you identify by name and for which you provide a value
to match against. You can use an HTTP request data type header
parameter to create rules based on any request header other than
one of the recognized HTTP request data types. The HTTP request
can contain multiple headers, and the rule identifier must include
the name of the header separated with colon (:).
host A rule that uses the host parameter is based on the value provided
for the HTTP Host request header field. This header field
describes the DNS name that the HTTP request is using.
method
A rule that uses the method parameter is based on whether the
request uses the GET or POST method.
query-param:[name]
A rule that uses the query parameter is based on a particular
query parameter that you identify by name and for which you
provide a value to match against. The value is usually literal and
must appear on the query parameter in the request, or in a regular
expression that matches the requests query parameter value. The
query parameter can be in a request that uses GET or POST methods.
The HTTP request can contain multiple query parameters, and the
rule identifier must include the name of the header separated with
colon (:).
path A rule that uses the path parameter is based on the path portion
of the URI. The path is defined as everything in the URL after the
host and up to the end of the URL, or up to the question mark
(whichever comes first).
path-segment:[name]
A segment is the portion of a URI path that is delimited by a
forward slash (/). For example, in the path:
/apps/search/full/complex.jsp, apps, search, full, and complex.jsp
all represent path segments. The path can contain multiple
segments so the rule identifier must include the name of the
segment separated with colon (:). The name can be a segment
ordinal or some other string to distinguish it from other segments
rules in the same node.
protocol
A rule that uses the protocol parameter is based on whether the
request uses the HTTP or HTTPS protocol.
referrer
A rule that uses the referrer parameter is based on the value
provided for the HTTP Referer in the request header. (Note the
misspelling of Referer. This spelling is defined for this request
header in all versions of the HTTP specification.) This header
provides the URL location that referred the client to the page
that the client is requesting. You do not typically base rules on
the Referer request header, unless you want your sites behavior to
be dependent on the specific referrer. For example, one
implementation would be for sites that provide different branding
for their pages based on the user's web portal or search engine.
unnamed-query-param:[name]
An unnamed query parameter is a query parameter that has no equal
sign. That is, only the query parameter value is provided in the
URL of the request. The HTTP request may contain multiple unnamed
query parameters so the rule identifier must include the name of
it separated with colon (:). The name can be the ordinal of
unnamed query parameter or some other string that can make it
distinguishable from other unnamed query parameter rules in the
same node.
user-agent
A rule that uses the user agent parameter is based on the value
provided for the HTTP User-Agent in the request header, which
identifies the browser that sent the request.
RULE OPTIONS
active
Specifies, when enabled, that the invalidation trigger rule is
enabled. You can use this option to disable a specific
invalidation trigger rule temporary, without removing it from the
policy.
arg-all
Specifies, when enabled, that the rule matches all HTTP parameters
of this type rather than one identified by arg-name or arg-
ordinal. This option is applicable to variation rules query-param,
unnamed-query-param, path-segment, cookie, and header. Such rules
serve as a fallback case for defining document variation. All root
nodes must include one variation rule of each type with this
option enabled. The default value is disabled.
arg-alias
src-alias
dst-alias
request-data-alias
Specifies the user supplied alias for rules that use ordinals to
identify HTTP request data. These include the unnamed-query-param
and path-segment rules. The src-alias and dst-alias options are
used in parameter value substitution rules to define aliases for
the source and target definitions correspondingly. The request-
data-alias option defines an alias for the invalidation trigger
rules.
arg-direction
src-direction
dst-direction
request-data-direction
Specifies the direction that the WebAccelerator system uses to
count the ordinal of path-segment. The src-direction and dst-
direction options are used in parameter value substitution rules
to define the ordinal direction for the source and target
definitions correspondingly. The request-data-direction option
defines the ordinal direction for the invalidation trigger rules.
The default value is left-to-right. The possible values are:
left-to-right
The path segment is counted form left to right.
right-to-left
The path segment is counted form right to left.
arg-name
src-name
dst-name
request-data-name
Specifies the name of the parameter type for query-param, cookie,
and header. If not specified, arg-name option is initialized from
the rule name. This option is not effective if arg-all is enabled.
The src-name and dst-dst options are used in parameter value
substitution rules to define the parameter name for the source and
target definitions correspondingly. The request-data-name option
defines the parameter name for the invalidation trigger rules.
arg-ordinal
src-ordinal
dst-ordinal
request-data-ordinal
Specifies, in the form of a number, the location of a parameter
for unnamed-query-param and path-segment rules. The numbering
starts at 1 and follows the direction specified in the
corresponding direction option. This option is not effective if
arg-all is enabled. The src-ordinal and dst-ordinal options are
used in parameter value substitution rules to define the parameter
ordinal for the source and target definitions correspondingly. The
request-data-ordinal option defines the parameter ordinal for the
invalidation trigger rules.
broadcast
Specifies whether a triggered invalidation rule is broadcast to
other members of a multibox deployment. This option is only
effective when the application using this policy has multibox set
to farm or symmetric.
cache-content
Specifies the parameter for which the WebAccelerator system must
obtain fresh content when the invalidations rule is triggered. The
available request types are: host, path, extension, query-param,
unnamed-query-param, path-segment, cookie, user-agent, referrer,
protocol, method, header, and client-ip.
Note: You must select and configure the path parameter for the
cached content to invalidate, or the invalidations rule will fail
to trigger. All other parameters are optional.
description
User-defined description of a rule.
dst-type
Specifies the HTTP parameter type to use as target definition for
the request value substitution rule. A target definition contains
a value in the embedded URL that you want the WebAccelerator
system to replace with the value that you specified for the source
definition, during assembly. The possible values are:
path-segment
Specifies that the WebAccelerator system targets the URL
parameter, as specified by the dst-ordinal and dst-direction
you define.
query-param
Specifies that the WebAccelerator system targets the URL
parameter, as specified by the dst-name you define.
unnamed-query-param
Specifies that the WebAccelerator system substitutes the URL
parameter, as specified by the dst-ordinal you define.
dst-urls
Specifies the collection of URLs in the request for which you want
the WebAccelerator system to replace content.
request
Specifies a parameter in the request that triggers the
invalidations rule. The available request types are: host, path,
extension, query-param, unnamed-query-param, path-segment, cookie,
user-agent, referrer, protocol, method, header, and client-ip.
Note: You must select and configure the path parameter for the
request header criteria, or the invalidations rule will fail to
trigger. All other parameters are optional.
request-data-type
Specifies the HTTP request parameter value that the WebAccelerator
system should find in its cache and for which it should request
updated content from the origin Web server. The default value is
undefined.
The following types of HTTP parameters are available:
host
query-param
unnamed-query-param
path-segment
cookie
user-agent
referrer
header
client-ip
Specifies that the WebAccelerator system should use the
corresponding value from the request that triggered the
invalidation. Additional data, if required to identify the
value, must be specified in the request-data-name, request-
data-ordinal, and request-data-direction options. The values
option is ignored.
undefined
Specifies that the WebAccelerator system should not use any
values from the request that triggered the invalidation. You
must add a value into the values option with which to compare
the cached content.
src-type
Specifies the HTTP parameter type to use as source definition for
the request value substitution rule. A source definition contains
the value that the WebAccelerator system embeds in the URL, in
place of the cached (target definition) value, during
substitution. Typically, the source definition is a specific
request element, such as a particular query parameter; however,
you can specify another source type, such as a random number. The
possible values are:
path-segment
Specifies that the WebAccelerator system substitutes the URL
parameter, as specified by the src-ordinal and src-direction
options you define.
query-param
Specifies that the WebAccelerator system substitutes the URL
parameter, as specified by the src-name option you define.
randomizer
Specifies that the WebAccelerator system generates a random
number and places that number on the targeted location in an
embedded URL.
request-url
Specifies that the WebAccelerator system is limited to
target-specific URLs embedded in a page, as defined in the
prefix that an embedded URL must match before the
WebAccelerator system performs substitution. If you use the
request URL as the source, the WebAccelerator system uses the
entire request URL as the value to substitute.
unnamed-query-param
Specifies that the WebAccelerator system substitutes the URL
parameter, as specified by the src-ordinal option you define.
src-url
Specifies whether the request URL is a relative URL or an absolute
URL. The default value is absolute.
value-case-sensitive
Specifies, when enabled, that the HTTP parameter must be matched
against supplied value(s) in case sensitive manner. The default
value is no.
values
Values are a collection of rule parameters that enable you to
specify different parameter values for the same rule. Most rules
allow only one value, while variation rules support multiple
values. Each value can prompt a different behavior by the
WebAccelerator system. All variation rules must include at least
one value with match-all option enabled. A value can be
represented by actual string, regex, or multiple strings, or
regexes separated by space ( ).
RULE VALUE OPTIONS
can-be-empty
Specifies, when enabled, that the defined HTTP request parameter
is included in the request, but has no value (is an empty string).
The default value is no.
can-be-missing
Specifies, when enabled, that the defined HTTP request parameter
is absent from the request. The default value is no.
invert-match
Specifies, when enabled, that the defined HTTP request parameter
does not match the associated regular expression that you defined.
The default value is no.
match-all
Specifies, when enabled, that the defined HTTP request parameter
matches all possible values. This option is available only for
variation rule values as a fallback case. Each variation rule must
have at least one value with this option enabled. The default
value is no.
cache-as
Specifies whether the associated value should prompt the
WebAccelerator system to reply to matched requests with the same
or different content. This option is available only for variation
rule values.
SEE ALSO
create, delete, edit, list, modify, show, tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2010-2013, 2016. All rights
reserved.
BIG-IP 2016-03-14 wam policy(1)