Product Documentation

rewrite action

Sep 12, 2016

The following operations can be performed on "rewrite action":

add | rm | set | unset | show | rename

add rewrite action

Creates a rewrite action, which specifies exactly what modifications to make to a request or response before forwarding that request or response to the protected web server or to the user. In addition to user-defined actions, the rewrite feature has the following three built-in actions: * NOREWRITE - Sends the request or response to the user without rewriting it. * RESET - Resets the connection and notifies the user?s browser, so that the user can resend the request. * DROP - Drops the connection without sending a response to the user. One of the following three flow types is implicitly associated with every action: * Request - Action applies to the request. * Response - Action applies to the response. * Neutral - Action applies to both requests and responses.

Synopsys

add rewrite action <name> <type> <target> [<stringBuilderExpr>] [-pattern <expression> | -search <expression>] [-refineSearch <string>] [-comment <string>]

Arguments

name

Name for the user-defined rewrite action. Must begin with a letter, number, or the underscore character (_), and must contain only letters, numbers, and the hyphen (-), period (.) hash (#), space ( ), at (@), equals (=), colon (:), and underscore characters. Can be changed after the rewrite policy is added.

The following requirement applies only to the NetScaler CLI:

If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my rewrite action" or ?my rewrite action?).

type

Type of user-defined rewrite action. The information that you provide for, and the effect of, each type are as follows::

* REPLACE <target> <string_builder_expr>. Replaces the string with the string-builder expression.

* REPLACE_ALL <target> <string_builder_expr1> -(pattern|search) <string_builder_expr2>. In the request or response specified by <target>, replaces all occurrences of the string defined by <string_builder_expr1> with the string defined by <string_builder_expr2>. You can use a PCRE-format pattern or the search facility to find the strings to be replaced.

* REPLACE_HTTP_RES <string_builder_expr>. Replaces the complete HTTP response with the string defined by the string-builder expression.

* REPLACE_SIP_RES <target> - Replaces the complete SIP response with the string specified by <target>.

* INSERT_HTTP_HEADER <header_string_builder_expr> <contents_string_builder_expr>. Inserts the HTTP header specified by <header_string_builder_expr> and header contents specified by <contents_string_builder_expr>.

* DELETE_HTTP_HEADER <target>. Deletes the HTTP header specified by <target>.

* CORRUPT_HTTP_HEADER <target>. Replaces the header name of all occurrences of the HTTP header specified by <target> with a corrupted name, so that it will not be recognized by the receiver Example: MY_HEADER is changed to MHEY_ADER.

* INSERT_BEFORE <string_builder_expr1> <string_builder_expr1>. Finds the string specified in <string_builder_expr1> and inserts the string in <string_builder_expr2> before it.

* INSERT_BEFORE_ALL <target> <string_builder_expr1> -(pattern|search) <string_builder_expr2>. In the request or response specified by <target>, locates all occurrences of the string specified in <string_builder_expr1> and inserts the string specified in <string_builder_expr2> before each. You can use a PCRE-format pattern or the search facility to find the strings.

* INSERT_AFTER <string_builder_expr1> <string_builder_expr2>. Finds the string specified in <string_builder_expr1>, and inserts the string specified in <string_builder_expr2> after it.

* INSERT_AFTER_ALL <target> <string_builder_expr1> -(pattern|search) <string_builder_expr>. In the request or response specified by <target>, locates all occurrences of the string specified by <string_builder_expr1> and inserts the string specified by <string_builder_expr2> after each. You can use a PCRE-format pattern or the search facility to find the strings.

* DELETE <target>. Finds and deletes the specified target.

* DELETE_ALL <target> -(pattern|search) <string_builder_expr>. In the request or response specified by <target>, locates and deletes all occurrences of the string specified by <string_builder_expr>. You can use a PCRE-format pattern or the search facility to find the strings.

* REPLACE_DIAMETER_HEADER_FIELD <target> <field value>. In the request or response modify the header field specified by <target>. Use Diameter.req.flags.SET(<flag>) or Diameter.req.flags.UNSET<flag> as 'stringbuilderexpression' to set or unset flags.

* REPLACE_DNS_HEADER_FIELD <target>. In the request or response modify the header field specified by <target>.

* REPLACE_DNS_ANSWER_SECTION <target>. Replace the DNS answer section in the response. This is currently applicable for A and AAAA records only. Use DNS.NEW_RRSET_A & DNS.NEW_RRSET_AAAA expressions to configure the new answer section

Possible values: noop, delete, insert_http_header, delete_http_header, corrupt_http_header, insert_before, insert_after, replace, replace_http_res, delete_all, replace_all, insert_before_all, insert_after_all, clientless_vpn_encode, clientless_vpn_encode_all, clientless_vpn_decode, clientless_vpn_decode_all, insert_sip_header, delete_sip_header, corrupt_sip_header, replace_sip_res, replace_diameter_header_field, replace_dns_header_field, replace_dns_answer_section

target

Default syntax expression that specifies which part of the request or response to rewrite.

stringBuilderExpr

Default syntax expression that specifies the content to insert into the request or response at the specified location, or that replaces the specified string.

pattern

Pattern that is used to match multiple strings in the request or response. The pattern may be a string literal (without quotes) or a PCRE-format regular expression with a delimiter that consists of any printable ASCII non-alphanumeric character except for the underscore (_) and space ( ) that is not otherwise used in the expression. Example: re~https?://|HTTPS?://~ The preceding regular expression can use the tilde (~) as the delimiter because that character does not appear in the regular expression itself. Used in the INSERT_BEFORE_ALL, INSERT_AFTER_ALL, REPLACE_ALL, and DELETE_ALL action types.

search

Search facility that is used to match multiple strings in the request or response. Used in the INSERT_BEFORE_ALL, INSERT_AFTER_ALL, REPLACE_ALL, and DELETE_ALL action types. The following search types are supported:

* Text ("text(string)") - A literal string. Example: -search text("hello")

* Regular expression (?regex(re<delimiter>regular exp<delimiter>)?) - Pattern that is used to match multiple strings in the request or response. The pattern may be a string literal (without quotes) or a PCRE-format regular expression with a delimiter that consists of any printable ASCII non-alphanumeric character except for the underscore (_) and space ( ) that is not otherwise used in the expression. Example: -search regex(re~^hello~) The preceding regular expression can use the tilde (~) as the delimiter because that character does not appear in the regular expression itself.

* XPath ("xpath(xp<delimiter>xpath expression<delimiter>)") - An XPath expression. Example: -search xpath(xp%/a/b%)

* JSON ("xpath_json(xp<delimiter>xpath expression<delimiter>)") - An XPath JSON expression. Example: -search xpath_json(xp%/a/b%)

NOTE: JSON searches use the same syntax as XPath searches, but operate on JSON files instead of standard XML files.

* Patset ("patset(patset)") - A predefined pattern set. Example: -search patset("patset1").

* Datset ("dataset(dataset)") - A predefined dataset. Example: -search dataset("dataset1").

* AVP ("avp(avp number)") - AVP number that is used to match multiple AVPs in a Diameter/Radius Message. Example: -search avp(999)

refineSearch

Specify additional criteria to refine the results of the search.

Always starts with the "extend(m,n)" operation, where 'm' specifies number of bytes to the left of selected data and 'n' specifies number of bytes to the right of selected data.

You can use refineSearch only on body expressions, and for the INSERT_BEFORE_ALL, INSERT_AFTER_ALL, REPLACE_ALL, and DELETE_ALL action types.

comment

Comment. Can be used to preserve information about this rewrite action.

Example

i) add rewrite action act_insert INSERT_HTTP_HEADER change_req "\\\\"no change\\\\"" . This Adds to http header will add the header change_req: no change. ii) add rewrite action act_replace REPLACE "HTTP.REQ.URL.PREFIX(1)" "HTTP.REQ.URL.PREFIX(1)+\\\\"citrix/\\\\"" . If HTTP.REQ.URL.PREFIX(1) is / the result would be /citrix/ iii) add rewrite action act_before INSERT_BEFORE "HTTP.REQ.HEADER(\\\\"host\\\\").VALUE(0)" "\\\\"india\\\\"" . If HTTP.REQ.HEADER(\\\\"host\\\\").VALUE(0) is netscaler.com the result would be indianetscaler.com iv) add rewrite action act_after INSERT_AFTER "HTTP.REQ.HEADER(\\\\"host\\\\").TYPECAST_LIST_T('.').GET(0)" "\\\\"-india\\\\"" . If HTTP.REQ.HEADER(\\\\"host\\\\").VALUE(0) is support.netscaler.com then the result would be support-india.netscaler.com v) add rewrite action act_delete DELETE "HTTP.REQ.HEADER(\\\\"host\\\\").VALUE(0)" will leave the Host header looking like "HOST: ". vi) add rewrite action act_delete_header DELETE_HTTP_HEADER Host will delete the Host header. If Host header occurs more than once all occurrence of the header will be deleted. vii) add rewrite action act_corrupt_header CORRUPT_HTTP_HEADER Host will corrupt the Host header. If Host header occurs more than once all occurrence of the header will be corrupted. 

rm rewrite action

Removes a rewrite action.

Synopsys

rm rewrite action <name>

Arguments

name

Name of the rewrite action to remove.

Example

rm rewrite action act_before

set rewrite action

Modifies the specified parameters of a rewrite action.

Synopsys

set rewrite action <name> [-target <string>] [-stringBuilderExpr <string>] [-pattern <expression> | -search <expression>] [-refineSearch <string>] [-comment <string>]

Arguments

name

Name of the rewrite action to modify.

target

Expression that specifies which part of the connection to rewrite.

stringBuilderExpr

Default syntax expression that specifies the content to insert into the request or response at the specified location, or that replaces the specified string.

pattern

Pattern that is used to match multiple strings in the request or response. The pattern may be a string literal (without quotes) or a PCRE-format regular expression with a delimiter that consists of any printable ASCII non-alphanumeric character except for the underscore (_) and space ( ) that is not otherwise used in the expression. Example: re~https?://|HTTPS?://~ The preceding regular expression can use the tilde (~) as the delimiter because that character does not appear in the regular expression itself. Used in the INSERT_BEFORE_ALL, INSERT_AFTER_ALL, REPLACE_ALL, and DELETE_ALL action types.

search

Search facility that is used to match multiple strings in the request or response. Used in the INSERT_BEFORE_ALL, INSERT_AFTER_ALL, REPLACE_ALL, and DELETE_ALL action types. The following search types are supported:

* Text ("text(string)") - A literal string. Example: -search text("hello")

* Regular expression (?regex(re<delimiter>regular exp<delimiter>)?) - Pattern that is used to match multiple strings in the request or response. The pattern may be a string literal (without quotes) or a PCRE-format regular expression with a delimiter that consists of any printable ASCII non-alphanumeric character except for the underscore (_) and space ( ) that is not otherwise used in the expression. Example: -search regex(re~^hello~) The preceding regular expression can use the tilde (~) as the delimiter because that character does not appear in the regular expression itself.

* XPath ("xpath(xp<delimiter>xpath expression<delimiter>)") - An XPath expression. Example: -search xpath(xp%/a/b%)

* JSON ("xpath_json(xp<delimiter>xpath expression<delimiter>)") - An XPath JSON expression. Example: -search xpath_json(xp%/a/b%)

NOTE: JSON searches use the same syntax as XPath searches, but operate on JSON files instead of standard XML files.

* Patset ("patset(patset)") - A predefined pattern set. Example: -search patset("patset1").

* Datset ("dataset(dataset)") - A predefined dataset. Example: -search dataset("dataset1").

* AVP ("avp(avp number)") - AVP number that is used to match multiple AVPs in a Diameter/Radius Message. Example: -search avp(999)

refineSearch

Specify additional criteria to refine the results of the search.

Always starts with the "extend(m,n)" operation, where 'm' specifies number of bytes to the left of selected data and 'n' specifies number of bytes to the right of selected data.

You can use refineSearch only on body expressions, and for the INSERT_BEFORE_ALL, INSERT_AFTER_ALL, REPLACE_ALL, and DELETE_ALL action types.

comment

Comment. Can be used to preserve information about this rewrite action.

Example

set rewrite action rwact1 -target "HTTP.REQ.HEADER(\\\\"MyHdr\\\\")" -stringBuilderExpr "HTTP.REQ.URL.MARK_SAFE"

unset rewrite action

Use this command to remove rewrite action settings.Refer to the set rewrite action command for meanings of the arguments.

Synopsys

unset rewrite action <name> [-stringBuilderExpr] [-refineSearch] [-comment]

show rewrite action

Displays the current settings for the specified rewrite action. If no rewrite action name is provided, displays a list of all rewrite actions currently configured on the NetScaler appliance.

Synopsys

show rewrite action [<name>]

Arguments

name

Name of the rewrite action.

Outputs

stateflag

type

Type of rewrite action. It can be: (delete|replace|insert_http_header|insert_before|insert_after|replace_http_res).

target

Expression specifying which part of HTTP header needs to be rewritten.

stringBuilderExpr

Expression specifying the value of rewritten HTTP header.

pattern

Pattern used for insert_before_all, insert_after_all, replace_all, delete_all action types.

search

Search facility that is used to match multiple strings in the request or response. Used in the INSERT_BEFORE_ALL, INSERT_AFTER_ALL, REPLACE_ALL, and DELETE_ALL action types. The following search types are supported:

* Text ("text(string)") - A literal string. Example: -search text("hello")

* Regular expression (?regex(re<delimiter>regular exp<delimiter>)?) - Pattern that is used to match multiple strings in the request or response. The pattern may be a string literal (without quotes) or a PCRE-format regular expression with a delimiter that consists of any printable ASCII non-alphanumeric character except for the underscore (_) and space ( ) that is not otherwise used in the expression. Example: -search regex(re~^hello~) The preceding regular expression can use the tilde (~) as the delimiter because that character does not appear in the regular expression itself.

* XPath ("xpath(xp<delimiter>xpath expression<delimiter>)") - An XPath expression. Example: -search xpath(xp%/a/b%)

* JSON ("xpath_json(xp<delimiter>xpath expression<delimiter>)") - An XPath JSON expression. Example: -search xpath_json(xp%/a/b%)

NOTE: JSON searches use the same syntax as XPath searches, but operate on JSON files instead of standard XML files.

* Patset ("patset(patset)") - A predefined pattern set. Example: -search patset("patset1").

* Datset ("dataset(dataset)") - A predefined dataset. Example: -search dataset("dataset1").

* AVP ("avp(avp number)") - AVP number that is used to match multiple AVPs in a Diameter/Radius Message. Example: -search avp(999)

bypassSafetyCheck

The safety check to allow unsafe expressions.

refineSearch

Specify additional criteria to refine the results of the search.

Always starts with the "extend(m,n)" operation, where 'm' specifies number of bytes to the left of selected data and 'n' specifies number of bytes to the right of selected data.

You can use refineSearch only on body expressions, and for the INSERT_BEFORE_ALL, INSERT_AFTER_ALL, REPLACE_ALL, and DELETE_ALL action types.

hits

The number of times the action has been taken.

undefHits

The number of times the action resulted in UNDEF.

referenceCount

The number of references to the action.

description

Description of the action

flags

isDefault

A value of true is returned if it is a default rewriteaction.

comment

Comment. Can be used to preserve information about this rewrite action.

builtin

Flag to determine whether rewrite action is built-in or not

devno

count

Example

1. show rewrite action  2. show rewrite action act_insert

rename rewrite action

Renames a rewrite action.

Synopsys

rename rewrite action <name>@ <newName>@

Arguments

name

Existing name of the rewrite action.

newName

New name for the rewrite action.

Must begin with a letter, number, or the underscore character (_), and must contain only letters, numbers, and the hyphen (-), period (.) hash (#), space ( ), at (@), equals (=), colon (:), and underscore characters. Can be changed after the rewrite policy is added.

The following requirement applies only to the NetScaler CLI:

If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my rewrite action" or ?my rewrite action?).

Example

rename rewrite action oldname newname