A rewrite policy consists of a rule and action. The rule determines the traffic on which rewrite is applied and the action determines the action to be taken by the NetScaler. You can define multiple rewrite policies. For each policy, specify the bind point and priority.
A bind point refers to a point in the traffic flow at which the NetScaler examines the traffic to verify whether any rewrite policy can be applied to it. You can bind a policy to a specific load balancing or content switching virtual server, or make the policy global if you want the policy to be applied to the entire traffic handled by the NetScaler. These policies are referred to as global policies.
In addition to the user-defined policies, the NetScaler has some default policies. You cannot modify or delete a default policy.
For evaluating the policies, NetScaler follows the order mentioned below:
- Global policies
- Policies bound to specific virtual servers
- Default policies
Note: NetScaler can apply a rewrite policy only when it is bound to a point.
NetScaler implements the rewrite feature in the following steps:
For more information about configuring rewrite policies, see "Configuring a Rewrite Policy" and about binding rewrite policies, see "Binding a Rewrite Policy."
The following figure illustrates how NetScaler processes a request or response when the rewrite feature is used.
The policy with the highest priority is evaluated first. NetScaler does not stop the evaluation of rewrite policies when it finds a match; it evaluates all the rewrite policies configured on the NetScaler.
- If a policy evaluates to TRUE, the NetScaler follows
the procedure below:
- If the policy has the Go to Expression set to END, the NetScaler stops evaluating all the other policies and starts performing the rewrite.
gotoPriorityExpression can be set to 'NEXT', 'END', some integer or 'INVOCATION_LIST'. The value determines the policy with the next priority. The following table shows the action taken by NetScaler for each value of the expression.
| Value of the expression
|| Policy with the next priority gets evaluated.
|| Evaluation of policies stops.
| <an integer>
|| Policy with specified priority gets evaluated.
|| Goto NEXT or END is applied based on the result of the invocation list.
- If a policy evaluates to FALSE, the NetScaler continues the evaluation in the order of priority.
- If a policy evaluates to UNDEFINED (cannot be evaluated on the received traffic due to an error), the NetScaler performs the action assigned to the UNDEFINED condition (referred to as undefAction) and stops further evaluation of polices.
The NetScaler starts the actual rewriting only after the evaluation is complete. It refers to the list of actions identified by policies that are evaluated to TRUE, and starts the rewriting. After implementing all the actions in the list, the NetScaler forwards the traffic as required.
Note: Ensure that the policies do not specify conflicting or overlapping actions on the same part of the HTTP header or body, or TCP payload. When such a conflict occurs, the NetScaler encounters an undefined situation and aborts the rewrite.
On the NetScaler appliance, specify the actions to be taken such as adding, replacing, or deleting text within the body, or adding, modifying or deleting headers, or any changes in the TCP payload as rewrite actions. For more information about rewrite actions, see "Configuring a Rewrite Action."
The following table describes the steps the NetScaler can take when a policy evaluates to TRUE.
||The rewrite action specified for the policy is carried out.
||The request or response is not rewritten. NetScaler forwards the traffic without rewriting any part of the message.
||The connection is aborted at the TCP level.
||The message is dropped.
Note: For any policy, you can configure the undefaction (action to be taken when the policy evaluates to UNDEFINED) as NOREWRITE, RESET, or DROP.
To use the Rewrite
feature, take the following steps:
- Enable the feature on the NetScaler.
- Define rewrite actions.
- Define rewrite policies.
- Bind the policies to a bind point to bring a policy into effect.