policy-expression¶
The following operations can be performed on "policy-expression":
show policy expression¶
Displays information about the available named policy expressions.
Synopsis¶
show policy expression [
Arguments¶
name Name of the policy expression to display. If a name is not provided, information about all policy expressions is shown.
type Type of expression. Can be a classic or default syntax (advanced) expression.
Possible values: CLASSIC, ADVANCED
Output¶
value The expression string.
hits The total number of hits.
piHits The total number of hits.
type The type of expression. This is for output only.
clientSecurityMessage The client security message that will be displayed on failure of the client security check.
description Description for the expression.
comment Any comments associated with the expression. Displayed upon viewing the policy expression.
stateflag flag isDefault A value of true is returned if it is a default policy expression.
builtin Indicates that a variable is a built-in (SYSTEM INTERNAL) type.
feature The feature to be checked while applying this config
gslbBindings Number of times expression is being used in the GSLB config.
devno count
rm policy expression¶
Removes a named policy expression. If the expression is used by a policy or filter, you must remove the policy or filter before removing the expression.
Synopsis¶
rm policy expression
Arguments¶
name Name of the policy expression to be removed.
add policy expression¶
Creates a classic or default syntax named expression, which can be used in multiple policies. For example, you can create the following named expressions, ExpressionA and ExpressionB: ExpressionA: http.req.body(100).contains("A") ExpressionB: http.req.body(100).contains("B")
You could then create an expression of the form:
Synopsis¶
add policy expression
Arguments¶
name Unique name for the expression. Not case sensitive. Must begin with an ASCII letter or underscore (_) character, and must consist only of ASCII alphanumeric or underscore characters. Must not begin with 're' or 'xp' or be a word reserved for use as an expression qualifier prefix (such as HTTP) or enumeration value (such as ASCII). Must not be the name of an existing named expression, pattern set, dataset, stringmap, or HTTP callout.
value Expression string. For example: http.req.body(100).contains("this").
comment Any comments associated with the expression. Displayed upon viewing the policy expression.
clientSecurityMessage Message to display if the expression fails. Allowed for classic end-point check expressions only.
unset policy expression¶
Use this command to remove policy expression settings.Refer to the set policy expression command for meanings of the arguments.
Synopsis¶
unset policy expression
set policy expression¶
Modifies the attributes of a named policy expression.
Synopsis¶
set policy expression
Arguments¶
name Name of the policy expression to be modified.
value The expression string.
comment Any comments associated with the expression. Displayed upon viewing the policy expression.
clientSecurityMessage The client security message that will be displayed on failure of this expression. Only relevant for end point check expressions.