Expression prefixes for VPNs and clientless VPNs

The Advanced policy engine provides prefixes that are specific to parsing VPN or Clientless VPN data. This data includes the following:

  • Host names, domains, and URLs in VPN traffic.
  • Protocols in the VPN traffic.
  • Queries in the VPN traffic.

These text elements are often URLs and components of URLs. In addition to applying the text-based operations on these elements, you can parse these elements by using operations that are specific to parsing URLs. For more information, see Expressions for extracting segments of URLs

The following table describes the expression prefixes for this type of data.

VPN and Clientless VPN Expression Description
VPN.BASEURL.CVPN_DECODE Extracts the original URL from a clientless VPN URL.
VPN.BASEURL.CVPN_ENCODE Converts a URL to clientless VPN format.
VPN.BASEURL.HOSTNAME Extracts the HTTP host name from the host name in the URL. This prefix cannot be used in bidirectional policies.
VPN.BASEURL.HOSTNAME.DOMAIN Extracts the domain name from the host name. For example, if the host name is www.mycompany.com or www.mycompany.com:8080, this prefix extracts mycompany.com. This prefix returns incorrect results if the host name is an IP address. For information on expressions for IP addresses, see “Default Syntax Expressions: IP and MAC Addresses, Throughput, VLAN IDs.” All text operations after this prefix are case insensitive.
VPN.BASEURL.HOSTNAME.EQ (\<hostname\>) Returns a Boolean TRUE if the host name matches \<hostname\>. The comparison is case insensitive. For example, if the host name is www.mycompany.com, the following returns TRUE: vpn.baseurl.hostname.eq("www.mycompany.com"). If the text mode is URLENCODED, the host name is decoded before comparison. For more information, see “Operations for HTTP, HTML, and XML Encoding and “Safe” Characters.”
VPN.BASEURL.HOSTNAME.SERVER Evaluates the server portion of the host name. For example, if the host name is www.mycompany.com or www.mycompany.com:8080, the server is www.mycompany.com. All text operations after this prefix are case insensitive.
VPN.BASEURL.PATH Extracts a slash- (/) separated list from the path component of the URL. For example, this prefix extracts /a/b/c/mypage.html from the following URL: <http://www.mycompany.com/a/b/c/mypage.html?a=1>. The following expression selects just the “a”: http.req.url.path.get(1). For more information on the GET operation, see “Expressions for Extracting Segments of URLs.”
VPN.BASEURL.PATH.IGNORE_EMPTY_ELEMENTS This prefix ignores the elements in a list. For example, the following comma-separated list has an empty element after “a=10”: a=10,,b=11, ,c=89. The element following b=11 contains a space, and by default, is not considered an empty element. Consider the following HTTP header: Cust_Header : 123,,24, ,15. The following expression returns a count of 4 when evaluating this header: http.req.header(“Cust_Header”).typecase_list_t(‘,’).ignore_empty_elements.count. The following expression returns a count of 5 when evaluating this header: http.req.header(“Cust_Header”).typecase_list_t(‘,’). count
VPN.BASEURL.PATH_AND_QUERY Evaluates the text in the URL that follows the host name. For example, if the URL is <http://www.mycompany.com/a/b/c/mypage.html?a=1>, this prefix evaluates /a/b/c/mypage.html?a=1.
VPN.BASEURL.PROTOCOL Evaluates the protocol in the URL. Do not use this prefix in bidirectional policies.
VPN.BASEURL.QUERY Extracts a name-value list, using the “=” and “&” delimiters from the query string in a URL.
VPN.BASEURL.QUERY.IGNORE_EMPTY_ELEMENTS This method ignores the empty elements in a name-value list. For example, in the following name-value list, there is an empty element following “a=10”: a=10;;b=11; ;c=89. The element following b=11 contains a space and is not considered an empty element. Consider the following HTTP header: Cust_Header : a=1;;b=2; ;c=3. The following expression produces a count of 4 after evaluating this header: http.req.header(“Cust_Header”).typecast_nvlist_t(‘=’,’;’).ignore_empty_elements.count. The following expression produces a count of 5 after evaluating the header: http.req.header(“Cust_Header”).typecast_nvlist_t(‘=’,’;’).
VPN.BASEURL.SUFFIX Evaluates the file name suffix in a URL. For example, if the path is /a/b/c/my.page.html, this operation selects “html.”
VPN.CLIENTLESS_BASEURL Evaluates the clientless VPN base URL.
VPN.CLIENTLESS_BASEURL.CVPN_DECODE Extracts the original URL from the clientless VPN formatted URL.
VPN.CLIENTLESS_BASEURL.CVPN_ENCODE Converts a URL to the clientless VPN format.
VPN.CLIENTLESS_BASEURL.HOSTNAME Evaluates the host name in the URL. Do not use this prefix in bidirectional policies.
VPN.CLIENTLESS_BASEURL.HOSTNAME.DOMAIN Evaluates the domain name part of the host name. For example, if the host name is www.mycompany.com or www.mycompany.com:8080, the domain is mycompany.com. This operation returns incorrect results if the host name is an IP address. For information on expressions for IP addresses, see “Default Syntax Expressions: IP and MAC Addresses, Throughput, VLAN IDs..” All text operations after this prefix are case insensitive.
VPN.CLIENTLESS_BASEURL.HOSTNAME.EQ(<hostname>) Returns a Boolean TRUE if the host name matches <hostname>. For example, if the host name is www.mycompany.com or www.mycompany.com:8080, the following is true: vpn.clientless_baseurl. hostname.eq("www.mycompany.com") The comparison is case insensitive. If the textmode is URLENCODED, the host name is decoded before comparison. For more information, see “Operations for HTTP, HTML, and XML Encoding and “Safe” Characters.”
VPN.CLIENTLESS_BASEURL.HOSTNAME.SERVER Evaluates the server part of a host name. For example, if the host name is www.mycompany.com or www.mycompany.com:8080, the server is www.mycompany.com. All text operations after this prefix are case insensitive.
VPN.CLIENTLESS_BASEURL.PATH Evaluates a slash- (/) separated list in the URL path. For example, this prefix selects /a/b/c/mypage.html from the following URL: <http://www.mycompany.com/a/b/c/mypage.html?a=1>. The following expression selects “a” from the preceding URL: http.req.url.path.get(1). For more information on the GET operation, see “Expressions for Extracting Segments of URLs.”
VPN.CLIENTLESS_BASEURL.PATH.IGNORE_EMPTY_ELEMENTS Ignores empty elements in a list. For example, if the list delimiter is a comma (,) the following list has an empty element following “a=10”: a=10,b=11, ,c=89. The element following b=11 contains a space and is not considered an empty element.. Consider the following HTTP header: Cust_Header : 123,,24, ,15. The following expression returns a value of 4 after evaluating this header: http.req.header(“Cust_Header”).typecast_list_t(‘,’).ignore_empty_elements.count. The following expression returns a value of 5 after evaluating this header: http.req.header(“Cust_Header”).typecast_list_t(‘,’).
VPN.CLIENTLESS_BASEURL.PATH_AND_QUERY Evaluates the text following the host name in a URL. For example, this prefix selects /a/b/c/mypage.html?a=1 from the following URL: <http://www.mycompany.com/a/b/c/mypage.html?a=1>
VPN.CLIENTLESS_BASEURL.PROTOCOL Evaluates the protocol in the URL. Do not use this prefix in bidirectional policies.
VPN.CLIENTLESS_BASEURL.QUERY Extracts a name-value list that uses the delimiters “=” and “&” from a URL query string.
VPN.CLIENTLESS_BASEURL.QUERY.IGNORE_EMPTY_ ELEMENTS Ignores empty elements in a name-value list. For example, the following list contains an empty element after “a=10”: a=10;;b=11; ;c=89. The element following b=11 contains a space and is not considered an empty element. As another example, consider the following http header: Cust_Header : a=1;;b=2; ;c=3. The following expression returns a value of 4 after evaluating the preceding header: http.req.header(“Cust_Header”).typecast_nvlist_t(‘=’,’;’).ignore_empty_elements.count. The following expression returns a value of 5 after evaluating the preceding header: http.req.header(“Cust_Header”).typecast_nvlist_t(‘=’,’;’)
VPN.CLIENTLESS_BASEURL.SUFFIX Evaluates the file suffix in a URL. For example, if the URL path is /a/b/c/mypage.html then this operation selects html.
VPN.CLIENTLESS_HOSTURL Selects the clientless VPN host URL.
VPN.CLIENTLESS_HOSTURL.CVPN_DECODE Selects the original URL from the clientless VPN formatted URL.
VPN.CLIENTLESS_HOSTURL.CVPN_ENCODE Converts a URL to clientless VPN format.
VPN.CLIENTLESS_HOSTURL.HOSTNAME Extracts the host name in the URL. Do not use this prefix in bidirectional policies.
VPN.CLIENTLESS_HOSTURL.HOSTNAME.DOMAIN Extracts the domain name from the host name. For example, if the host name is www.mycompany.com or www.mycompany.com:8080, the domain is mycompany.com. This operation returns incorrect results if the host name contains an IP address. For information on expressions for IP addresses, see “Default Syntax Expressions: IP and MAC Addresses, Throughput, VLAN IDs.” All text operations after this prefix are case insensitive.
VPN.CLIENTLESS_HOSTURL.HOSTNAME.EQ(<hostname>) Results in Boolean TRUE if the host name matches the \<hostname\> argument. The comparison is case insensitive. For example, if the host name is www.mycompany.com or www.mycompany.com., the following expression returns TRUE: vpn.clilentless_hosturl. hostname.eq("www.mycompany.com"). If the text mode is URLENCODED, the host name is decoded before comparison. For more information, see “Operations for HTTP, HTML, and XML Encoding and “Safe” Characters.”
VPN.CLIENTLESS_HOSTURL.HOSTNAME.SERVER Evaluates the server part of the host name. For example, if the host name is www.mycompany.com or www.mycompany.com:8080, the server is www.mycompany.com.. The comparison is case insensitive, and all text operations after this method are case insensitive.
VPN.CLIENTLESS_HOSTURL.PATH Evaluates a slash- (/) separated list on the path component of the URL. For example, consider the following URL: <http://www.mycompany.com/a/b/c/mypage.html?a=1>. This prefix selects /a/b/c/mypage.html from the preceding URL.
VPN.CLIENTLESS_HOSTURL.PATH.IGNORE_EMPTY_ELEMENTS This method ignores the empty elements in a list. For example, if the delimiter in a list is “,” the following list contains an empty element after the entry “a=10”: a=10,b=11, ,c=89. The element following b=11 contains a space and is not considered an empty element. Consider the following header: Cust_Header : 123,,24, ,15. The following expression returns a value of 4 for this header: http.req.header(“Cust_Header”).typecast_list_t(‘,’). ignore_empty_elements.count. The following expression returns a value of 5 for the same header: http.req.header(“Cust_Header”).typecast_list_t(‘,’).
VPN.CLIENTLESS_HOSTURL.PATH_AND_QUERY Evaluates the portion of the URL that follows the host name. For example, consider the following URL: <http://www.mycompany.com/a/b/c/mypage.html?a=1>. This prefix returns /a/b/c/mypage.html?a=1 from the preceding URL.
VPN.CLIENTLESS_HOSTURL.PROTOCOL Evaluates the protocol in the URL. Do not use this prefix in bidirectional policies.
VPN.CLIENTLESS_HOSTURL.QUERY Extracts a name-value list, using the “=” and “&” delimiters from a URL query string.
VPN.CLIENTLESS_HOSTURL.QUERY.IGNORE_EMPTY_ ELEMENTS Ignores empty elements in a name-value list. For example, the following list uses a semicolon (;) delimiter. This list contains an empty element after “a=10”: a=10;;b=11; ;c=89. In the preceding example, the element following b=11 is not considered an empty element. Consider the following header: Cust_Header : a=1;;b=2; ;c=3. The following expression returns a value of 4 after evaluating this header: http.req.header(“Cust_Header”).typecast_nvlist_t(‘=’,’;’).ignore_empty_elements.count. The following expression returns a value of 5 after evaluating the same header: http.req.header(“Cust_Header”).typecast_nvlist_t(‘=’,’;’)
VPN.CLIENTLESS_HOSTURL.SUFFIX Extracts a file name suffix in a URL. For example, if the path is /a/b/c/my.page.html, this prefix selects html.
VPN.HOST.DOMAIN Extracts the domain name part of the host name. For example, if the host name is www.mycompany.com or www.mycompany.com:8080, the domain is mycompany.com. This prefix returns incorrect results if the host name contains an IP address. For information on expressions for IP addresses, see “Default Syntax Expressions: IP and MAC Addresses, Throughput, VLAN IDs.” All text operations after this prefix case insensitive.
VPN.HOST.EQ(<hostname>) Returns a Boolean TRUE value if the host name matches the <hostname>. The comparison is case insensitive. For example, if the host name is www.mycompany.com or www.mycompany.com:8080, the following returns TRUE: vpn.host.eq(“www.mycompany.com”). If the text mode is URLENCODED the host name is decoded before comparison. For more information, see “Operations for HTTP, HTML, and XML Encoding and “Safe” Characters.”
VPN.HOST.SERVER Extracts the server name part of the host name. For example, if the host name is www.mycompany.com or www.mycompany.com:8080, the server is www.mycompany.com. All text operations after this prefix are case insensitive.

Expression prefixes for VPNs and clientless VPNs

In this article