contentinspection-policy¶
The following operations can be performed on "contentinspection-policy":
show| rm| set| add| unset| rename| stat|
show contentinspection policy¶
Displays the current settings for the specified contentInspection policy. If no policy name is specified, displays a list of all contentInspection policies currently configured on the Citrix ADC, with abbreviated settings.
Synopsis¶
show contentinspection policy [
Arguments¶
name Name of the contentInspection policy for which to display settings.
Output¶
stateflag rule Rule of the policy.
action CI action associated with the policy.
undefAction UNDEF action associated with the policy.
hits Number of hits.
undefHits Number of policy UNDEF hits.
activePolicy Indicates whether policy is bound or not.
boundTo Location where policy is bound
priority Specifies the priority of the policy.
gotoPriorityExpression Expression specifying the priority of the next policy which will get evaluated if the current policy rule evaluates to TRUE.
labelType Type of policy label invocation.
labelName Name of the label to invoke if the current policy rule evaluates to TRUE.
comment Any type of information about this contentInspection policy.
logAction Name of the messagelog action to use for requests that match this policy.
bindPolicyType vserverType builtin Flag to determine if contentInspection policy is built-in or not
feature The feature to be checked while applying this config
type devno count
Example¶
show contentInspection policy
rm contentinspection policy¶
Removes the specified contentInspection policy.
Synopsis¶
rm contentinspection policy
Arguments¶
name Name of the contentInspection policy to remove.
Example¶
rm contentInspection policy pol9
set contentinspection policy¶
Modifies the rule, action or comment portion of the specified contentInspection policy.
Synopsis¶
set contentinspection policy
Arguments¶
name Name of the contentInspection policy.
rule Expression that the policy uses to determine whether to execute the specified action.
action Name of the contentInspection action to perform if the request matches this contentInspection policy. There are also some built-in actions which can be used. These are: * NOINSPECTION - Send the request from the client to the server or response from the server to the client without sending it to Inspection device for Content Inspection. * RESET - Resets the client connection by closing it. The client program, such as a browser, will handle this and may inform the user. The client may then resend the request if desired. * DROP - Drop the request without sending a response to the user.
undefAction Action to perform if the result of policy evaluation is undefined (UNDEF). An UNDEF event indicates an internal error condition. Only the above built-in actions can be used.
comment Any type of information about this contentInspection policy.
logAction Name of the messagelog action to use for requests that match this policy.
Example¶
set contentInspection policy pol9 -rule "HTTP.REQ.HEADER(\"header\").CONTAINS(\"qh2\")"
add contentinspection policy¶
Creates a contentInspection policy, which specifies requests that the Citrix ADC intercepts and executes the specified action.
Synopsis¶
add contentinspection policy
Arguments¶
name Name for the contentInspection policy. Must begin with a letter, number, or the underscore character (_), and must contain only letters, numbers, and the hyphen (-), period (.) pound (#), space ( ), at (@), equals (=), colon (:), and underscore characters. Can be changed after the contentInspection policy is added.
The following requirement applies only to the Citrix ADC CLI: If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my contentInspection policy" or 'my contentInspection policy').
rule Expression that the policy uses to determine whether to execute the specified action.
action Name of the contentInspection action to perform if the request matches this contentInspection policy. There are also some built-in actions which can be used. These are: * NOINSPECTION - Send the request from the client to the server or response from the server to the client without sending it to Inspection device for Content Inspection. * RESET - Resets the client connection by closing it. The client program, such as a browser, will handle this and may inform the user. The client may then resend the request if desired. * DROP - Drop the request without sending a response to the user.
undefAction Action to perform if the result of policy evaluation is undefined (UNDEF). An UNDEF event indicates an internal error condition. Only the above built-in actions can be used.
comment Any type of information about this contentInspection policy.
logAction Name of the messagelog action to use for requests that match this policy.
Example¶
i) add contentInspection policy pol9 -rule "HTTP.REQ.URL.URL_CATEGORIZE(0,0).CATEGORY.EQ(\"Malware\")" -action AV_ACTION
unset contentinspection policy¶
Removes the settings of an existing contentInspection policy. Attributes for which a default value is available revert to their default values. See the set contentInspection policy command for descriptions of the parameters..Refer to the set contentinspection policy command for meanings of the arguments.
Synopsis¶
unset contentinspection policy
Example¶
unset contentInspection policy pol9 -undefAction
rename contentinspection policy¶
Renames the specified contentInspection policy.
Synopsis¶
rename contentinspection policy
Arguments¶
name Existing name of the contentInspection policy.
newName New name for the contentInspection policy. Must begin with a letter, number, or the underscore character (_), and must contain only letters, numbers, and the hyphen (-), period (.) hash (#), space ( ), at (@), equals (=), colon (:), and underscore characters.
The following requirement applies only to the Citrix ADC CLI: If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my contentInspection policy" or 'my contentInspection policy').
Example¶
rename contentInspection policy oldname newname
stat contentinspection policy¶
Displays statistics for all contentInspection policies currently configured on the Citrix ADC, or detailed statistics for the specified policy.
Synopsis¶
stat contentinspection policy [
Arguments¶
name Name of the contentInspection policy for which to show detailed statistics.
detail Specifies detailed output (including more statistics). The output can be quite voluminous. Without this argument, the output will show only a summary.
fullValues Specifies that numbers and strings should be displayed in their full form. Without this option, long strings are shortened and large numbers are abbreviated
ntimes The number of times, in intervals of seven seconds, the statistics should be displayed. Default value: 1 Minimum value: 0
logFile The name of the log file to be used as input.
clearstats Clear the statsistics / counters
Possible values: basic, full
Output¶
count devno stateflag
Counters¶
Policy hits (Hits) Number of hits on the policy
Policy undef hits (Undefhits) Number of undef hits on the policy