- Action Analytics
AppExpert Applications and Templates
- How AppExpert application works
- Get started with AppExpert
Customize AppExpert Configuration
- Configure public endpoints
- Configure services and service groups for an application unit
- Create application units
- Configure application unit rules
- Configure policies for application units
- Configure application units
- Configure public endpoints for an application
- Specify the order of evaluation of application units
- Configure persistency groups for application units
- View AppExpert applications and configure entities by using application visualizer
- Configure user authentication
- Monitor NetScaler statistics
- Delete an AppExpert application
- Configure application authentication, authorization, and auditing
- Set up a custom NetScaler application
Creating and Managing Template Files
- Exporting an AppExpert Application to a Template File
- Exporting a Content Switching Virtual Server Configuration to a Template File
- Creating Variables in Application Templates
- Uploading and Downloading Template Files
- Understanding NetScaler Application Templates and Deployment Files
- Deleting a Template File
- NetScaler Gateway Applications
Customizing the Configuration
- Configuring Public Endpoints
- Configuring Endpoints for an Application Unit
- Configuring Services and Service Groups
- Configuring Services, Service Groups, and Load Balancing Parameters for an Application Unit
- Creating Application Units
- Configuring Application Unit Rules
- Configuring Policies for Application Units
- Configuring Application Units
- Configuring Public Endpoints for an application
- Specifying the Order of Evaluation of Application Units
- Configuring Persistency Groups for Application Units
- Viewing AppExpert Applications and Configuring Entities by Using the Application Visualizer
- Configuring an Entity Template
- Creating an Entity from a Template
- Managing Entity Template Folders
- Uploading and Downloading Entity Templates
- Understanding Load Balancing Entity Templates and Deployment Files
- How an HTTP Callout Works
- Notes on the Format of HTTP Requests and Responses
- Configuring an HTTP Callout
- Verifying the Configuration
- Invoking an HTTP Callout
- Avoiding HTTP Callout Recursion
- Caching HTTP Callout Responses
- Use Case: Filtering Clients by Using an IP Blacklist
- Use Case: ESI Support for Fetching and Updating Content Dynamically
- Use Case: Access Control and Authentication
- Use Case: OWA-Based Spam Filtering
- Use Case: Dynamic Content Switching
- Pattern Sets and Data Sets
- Sample Usage
Policies and Expressions
- Introduction to Policies and Expressions
Configuring Advanced Policy Infrastructure
- Rules for Names in Identifiers Used in Policies
- Creating or Modifying a Policy
- Policy Configuration Examples
- Binding Policies Using Advanced Policy
- Unbinding a Policy
- Creating Policy Labels
- Configuring a Policy Label or Virtual Server Policy Bank
- Invoking or Removing a Policy Label or Virtual Server Policy Bank
- Configuring and Binding Policies with the Policy Manager
Configuring Advanced Policy Expression: Getting Started
- Basic Elements of an Advanced Policy Expression
- Compound Advanced Policy Expressions
- Specifying the Character Set in Expressions
- Classic Expressions in Advanced Policy Expressions
- Configuring Advanced Policy Expressions in a Policy
- Configuring Named Advanced Policy Expressions
- Configuring Advanced Policy Expressions Outside the Context of a Policy
- Advanced Policy Expressions: Evaluating Text
Advanced Policy Expressions: Working with Dates, Times, and Numbers
- Format of Dates and Times in an Expression
- Expressions for the NetScaler System Time
- Expressions for SSL Certificate Dates
- Expressions for HTTP Request and Response Dates
- Generating the Day of the Week, as a String, in Short and Long Formats
- Expression Prefixes for Numeric Data Other Than Date and Time
- Converting Numbers to Text
- Virtual Server Based Expressions
Advanced Policy Expressions: Parsing HTTP, TCP, and UDP Data
- About Evaluating HTTP and TCP Payload
- Expressions for Identifying the Protocol in an Incoming IP Packet
- Expressions for HTTP and Cache-Control Headers
- Expressions for Extracting Segments of URLs
- Expressions for HTTP Status Codes and Numeric HTTP Payload Data Other Than Dates
- SIP Expressions
- Operations for HTTP, HTML, and XML Encoding and “Safe” Characters
- Expressions for TCP, UDP, and VLAN Data
- Expressions for Evaluating a DNS Message and Identifying Its Carrier Protocol
- XPath and HTML, XML, or JSON Expressions
- Encrypting and Decrypting XML Payloads
- Advanced Policy Expressions: Parsing SSL Certificates
- Advanced Policy Expressions: IP and MAC Addresses, Throughput, VLAN IDs
- Advanced Policy Expressions: Stream Analytics Functions
- Advanced Policy Expressions: DataStream
- Typecasting Data
- Regular Expressions
- Configuring Classic Policies and Expressions
- Expressions Reference-Advanced Policy Expressions
- Expressions Reference-Classic Expressions
- Summary Examples of Default Syntax Expressions and Policies
- Tutorial Examples of Default Syntax Policies for Rewrite
- Tutorial Examples of Classic Policies
- Migration of Apache mod_rewrite Rules to the Default Syntax
- Configuring a Stream Selector
- Configuring a Traffic Rate Limit Identifier
- Configuring and Binding a Traffic Rate Policy
- Viewing the Traffic Rate
- Testing a Rate-Based Policy
- Examples of Rate-Based Policies
- Sample Use Cases for Rate-Based Policies
- Rate Limiting for Traffic Domains
- Configure rate limit at packet level
- Enabling the Responder Feature
- Configuring a Responder Action
- Configuring a Responder Policy
- Binding a Responder Policy
- Setting the Default Action for a Responder Policy
- Responder Action and Policy Examples
- Diameter Support for Responder
- RADIUS Support for Responder
- DNS Support for the Responder Feature
- How Rewrite Works
- Enabling the Rewrite Feature
- Configuring a Rewrite Action
- Configuring a Rewrite Policy
- Binding a Rewrite Policy
- Configuring Rewrite Policy Labels
- Configuring the Default Rewrite Action
- Bypassing the Safety Check
Rewrite Action and Policy Examples
- Example 1: Delete Old X-Forwarded-For and Client-IP Headers
- Example 2: Adding a Local Client-IP Header
- Example 3: Tagging Secure and Insecure Connections
- Example 4: Mask the HTTP Server Type
- Example 5: Redirect an External URL to an Internal URL
- Example 6: Migrating Apache Rewrite Module Rules
- Example 7: Marketing Keyword Redirection
- Example 8: Redirect Queries to the Queried Server
- Example 9: Home Page Redirection
- Example 10: Policy-based RSA Encryption
- Example 11: policy-based RSA encryption with no padding
- URL Transformation
- RADIUS Support for the Rewrite Feature
- Diameter Support for Rewrite
- DNS Support for the Rewrite Feature
- String Maps
- URL Sets
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
이 기사는 기계 번역되었습니다.
Este artigo foi traduzido automaticamente.
How rewrite works
A rewrite policy consists of a rule and action. The rule determines the traffic on which rewrite is applied and the action determines the action to be taken by the NetScaler. You can define multiple rewrite policies. For each policy, specify the bind point and priority.
A bind point refers to a point in the traffic flow at which the NetScaler examines the traffic to verify whether any rewrite policy can be applied to it. You can bind a policy to a specific load balancing or content switching virtual server, or make the policy global if you want the policy to be applied to the entire traffic handled by the NetScaler. These policies are referred to as global policies.
In addition to the user-defined policies, the NetScaler has some default policies. You cannot modify or delete a default policy.
For evaluating the policies, NetScaler follows the order mentioned below:
- Global policies
- Policies bound to specific virtual servers
- Default policies
Note: NetScaler can apply a rewrite policy only when it is bound to a point.
NetScaler implements the rewrite feature in the following steps:
The NetScaler appliance checks for global policies and then checks for policies at individual bind points.
If multiple policies are bound to a bind point, the NetScaler evaluates the policies in the order of their priority. The policy with the highest priority is evaluated first. After evaluating each policy, if the policy is evaluated to TRUE (the traffic matches the rule), it adds the action associated with the policy to a list of actions to be performed. A match occurs when the characteristics specified in the policy rule match the characteristics of the request or response being evaluated.
For any policy, in addition to the action, you can specify the policy that should be evaluated after the current policy is evaluated. This policy is referred to as the ‘Go to Expression’. For any policy, if a Go to Expression (gotoPriorityExpr) is specified, the NetScaler evaluates the Go to Expression policy; it ignores policy with the next highest priority.
You can specify the priority of the policy to indicate the Go to Expression policy; you cannot use the name of the policy. If you want the NetScaler to stop evaluating other policies after evaluating a particular policy, you can set the Go to Expression to ‘END’.
After all the policies are evaluated or when a policy has the Go to Expression set as END, the NetScaler starts performing the actions according to the list of actions.
The following figure illustrates how NetScaler processes a request or response when the rewrite feature is used.
Figure 1. The Rewrite Process
The policy with the highest priority is evaluated first. NetScaler does not stop the evaluation of rewrite policies when it finds a match; it evaluates all the rewrite policies configured on the NetScaler.
- If a policy evaluates to TRUE, the NetScaler follows the procedure below:
- If the policy has the Go to Expression set to END, the NetScaler stops evaluating all the other policies and starts performing the rewrite.
- The gotoPriorityExpression can be set to ‘NEXT’, ‘END’, some integer or ‘INVOCATION_LIST’. The value determines the policy with the next priority. The following table shows the action taken by NetScaler for each value of the expression.
| Value of the expression | Action |
| NEXT | Policy with the next priority gets evaluated. | | END | Evaluation of policies stops.||
<an integer>| Policy with specified priority gets evaluated.| | INVOCATION_LIST | Goto NEXT or END is applied based on the result of the invocation list. |
- If a policy evaluates to FALSE, the NetScaler continues the evaluation in the order of priority.
- If a policy evaluates to UNDEFINED (cannot be evaluated on the received traffic due to an error), the NetScaler performs the action assigned to the UNDEFINED condition (referred to as undefAction) and stops further evaluation of polices.
The NetScaler starts the actual rewriting only after the evaluation is complete. It refers to the list of actions identified by policies that are evaluated to TRUE, and starts the rewriting. After implementing all the actions in the list, the NetScaler forwards the traffic as required.
Ensure that the policies do not specify conflicting or overlapping actions on the same part of the HTTP header or body, or TCP payload. When such a conflict occurs, the NetScaler encounters an undefined situation and aborts the rewrite.
On the NetScaler appliance, specify the actions to be taken such as adding, replacing, or deleting text within the body, or adding, modifying or deleting headers, or any changes in the TCP payload as rewrite actions. For more information about rewrite actions, see Configuring a Rewrite Action.
The following table describes the steps the NetScaler can take when a policy evaluates to TRUE.
| Action | Result | |—-|—| | Insert | The rewrite action specified for the policy is carried out. | | NOREWRITE | The request or response is not rewritten. NetScaler forwards the traffic without rewriting any part of the message. | | RESET | The connection is aborted at the TCP level. | | DROP | The message is dropped.| Note: For any policy, you can configure the undefaction (action to be taken when the policy evaluates to UNDEFINED) as NOREWRITE, RESET, or DROP.
To use the Rewrite feature, take the following steps:
- Enable the feature on the NetScaler.
- Define rewrite actions.
- Define rewrite policies.
- Bind the policies to a bind point to bring a policy into effect.