-
AppExpert Applications and Templates
-
Configure application authentication, authorization, and auditing
-
-
Advanced Policy Expressions: Working with Dates, Times, and Numbers
-
Advanced Policy Expressions: Parsing HTTP, TCP, and UDP Data
-
Advanced Policy Expressions: IP and MAC Addresses, Throughput, VLAN IDs
-
-
View PDF
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已动态机器翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.
Este artigo foi traduzido automaticamente.
这篇文章已经过机器翻译.放弃
Translation failed!
Configuring URL Set
You can perform the following tasks to configure a URL set and restrict URLs on a Citrix ADC platform:
- Import a URL set (download and encrypt it). Importing a URL set in a Citrix ADC appliance allows you to download the URL file, adding the file to the appliance, and then encrypting the file. Until you add the URL set to the system, it will not be visible to the user.
You can download a set in the following ways:
-
Download a URL set once from a remote server and specify it as
http://myserver.com/file_with_urlset.csv -
add a file under /var/tmp/ path inside ADC and use the command, as in the example below:
> shell cat /var/tmp/test_urlset.csv
example.com
google.com
> import policy urlset top10
k -url local:test_urlset.csv -delimiter "," -rowSeparator "n" -interval 10 -privateSet -canaryUrl http://www.in.gr
Done
The imported URL set is further categorized into different categories and category groups in the database. This is valid only if categories exist in the metadata of the URL set file.
Note: There can be a chance that you might have URL patterns without metadata.
Once you have imported the file, you can update, delete or display file properties. After the file is pushed into the appliance, you can modify the entries by adding further rows as it remains static.
The imported set is then stored in an encrypted file format on the Citrix ADC directory. The imported list contains millions of URL entries. Otherwise, the appliance returns an error message saying that the value exceeds the limit. If the imported URL set has blacklisted entries with metadata, the metadata it is detected by the appliance when it is imported.
Once you import a URL set and add it into the appliance, the URL set is available for advanced policies to identify the correct URL set during incoming URL evaluation. HTTP.REQ.HOSTNAME.APPEND(HTTP.REQ.URL).URLSET_MATCHES_ANY(<URL set name>)
-
Updating a URL set on the Citrix ADC appliance. Once you have pushed the file into the appliance, at this interval you can manually update a URL file by using command line interface.
-
Exporting a URL set. If you prefer a backup of the URL set, you can export the list of URL patterns and save a copy of it to a destination URL. Before you export, check whether the URL set is marked as private. If is marked private, the URL set cannot be exported. Export functionality does not work with private set. So a new urlset
myurlwould be imported without privateset defined, and then it would be exported to another file in a local path, as below:
> shell touch /var/tmp/test_urlset_export.csv
Done
> shell cat /var/tmp/test_urlset_export.csv
Done
> shell cat /var/tmp/test_urlset.csv
example.com
google.com
Done
> export urlset myurl -url local:test_urlset_export.csv
> import urlset myurl -url local:test_urlset.csv
Done
(a non-private urlset is imported)
-
Removing a URL set. If you want to delete a URL set of blacklisted entries, you can use the remove command to delete the URL set from the Citrix ADC appliance.
-
Displaying a URL set. You can display the properties of a URL set by using the show command.
Example:
show urlset
Name: top100 PatternCount: 100 Delimiter: RowSeparator: Interval: 0
Done
Import a URL set with meta by using the command line interface
At command prompt, type:
import policy urlset <name> [-overwrite] [–delimiter <character>] [-rowSeparator <character>] [-url] <url> [-interval <seconds>] [-privateSet] [-canaryUrl <URL>]
Where,
delimiter is a CSV file record with default value set as 44.
rowSeparator is a CSV file row separator with default value set as 10.
Interval is the time interval in secs, rounded to the nearest 15 minutes at which the update of urlset occurs.
CanaryURL is a URL used for testing when contents of the urlset is kept confidential.
Example
import policy urlset top10k -url local:test_urlset.csv -delimiter "," -rowSeparator "n" -interval 10 -privateSet -canaryUrl http://www.in.gr
Perform explicit subdomain match for an imported URL set
You can now perform an explicit subdomain match for an imported URL set. To do this, a new parameter, “subdomainExactMatch” is added to the “import policy URLset” command. When you enable the parameter, the URL Filtering algorithm performs an explicit subdomain match. For example, if the incoming URL is “news.example.com” and if the entry in the URL set is “example.com”, the algorithm does not match the URLs.
At the command prompt, type:
import policy urlset <name> [-overwrite] [-delimiter <character>][-rowSeparator <character>] -url [-interval <secs>] [-privateSet][-subdomainExactMatch] [-canaryUrl <URL>]
Example:
import policy urlset forth_urlset -url local:test_urlset.csv -interval 3600
To show URL set by using the command line interface
At the command prompt, type:
show urlset <name>
To export an URL set by using the command line interface
At the command prompt, type:
export urlset <name> <url>
To add an URL set by using the command line interface
At the command prompt, type:
add urlset <urlset_name>
To update an URL set by using the command line interface
At the command prompt, type:
update urlset <name>
To remove a URL set command by using the command line interface
At the command prompt, type:
remove urlset <name>
Example:
Note:
Before you import or export a URLset, you must make sure the
test_urlset_export.csvandtest_urlset.csvfiles are created and available under /var/tmp directory.
import policy urlset -url local:test_urlset.csv -delimiter "," -rowSeparator "n" -interval 10 -privateSet -overwrite –canaryUrl http://www.in.gr
add policy urlset top10k
update policy urlset top10k
sh policy urlset
sh policy urlset top10k
export policy urlset urlset1 -url local:test_urlset_export.csv
import policy urlset top10k -url local:test_urlset.csv –privateSet
add policy urlset top10k
update policy urlset top10k
show policy urlset top10k
Display imported URL sets
You can now display imported URL sets in addition to added URL sets. To do this, a new parameter “imported” is added to the “show urlset” command. If you enable this option, the appliance displays all imported URL sets and distinguishes the imported URL sets from the added URL sets.
At the command prompt, type:
show policy urlset [<name>] [-imported]
Example:
show policy urlset -imported
To import a URL set by using the GUI
Navigate to AppExpert > URL Sets, click Import to download the URL set.
To add a URL set by using the GUI
Navigate to AppExpert > URL Sets, click Add to create a URL set file for the downloaded URL set.
To edit a URL set by using the GUI
Navigate to AppExpert > URL Sets, select a URL set and click Edit to modify.
To Update a URL set by using the GUI
Navigate to AppExpert > URL Sets, select a URL set and click Update URL Set to update URL set with the latest modifications made to the file.
To Export a URL set by using the GUI
Navigate to AppExpert > URL Sets, select a URL set and click Export URL Set to export the URL patterns in a set to a destination URL and save it in that location.
Configuring URL Set
Share
In this article
- Import a URL set with meta by using the command line interface
- To show URL set by using the command line interface
- To export an URL set by using the command line interface
- To add an URL set by using the command line interface
- To update an URL set by using the command line interface
- To remove a URL set command by using the command line interface
- To import a URL set by using the GUI
- To add a URL set by using the GUI
- To edit a URL set by using the GUI
- To Update a URL set by using the GUI
- To Export a URL set by using the GUI
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select Do Not Agree to exit.