Fortinet Document Library

Version:


Table of Contents

5.3.0
Download PDF
Copy Link

Events

Event Name Description Available Version

RULE_INIT

When initializing the script.

V5.2 and earlier

VS_LISTENER_BIND

When a VS tries to bind.

Right now, allows the user to set tcp options, later can be used to config VS.

TCP:sockopt() and MGM:set_event(“vs_listener_bind”) are available.

V5.2

TCP_ACCEPTED

When a TCP connection from a client is accepted.

V5.0

TCP_CLOSED

When a TCP connection from a client is to be closed.

V5.0

HTTP_REQUEST

When a HTTP request comes from a client.

V4.3

HTTP_DATA_REQUEST

Allows the user to manipulate http request data.

V4.8 and later

SERVER_BEFORE_CONNECT

When connecting to the backend real server.

TCP:sockopt() and management commands are available.

IP:client_port()/client_addr()/client_ip_ver() are available.

V5.2

SERVER_CONNECTED

When Httproxy deems that the backend real server is connected.

TCP:sockopt() and management commands are available.

Server-side IP functions are available.

V5.2

HTTP_RESPONSE

When a HTTP response comes from real server.

V4.3

HTTP_DATA_RESPONSE

Alllows the user to manipulate http response data.

V4.8 and later

SERVER_CLOSED

When Httproxy is going to terminate the backend real server connection.

V5.2

CLIENTSSL_HANDSHAKE

When a client-side SSL handshake is completed.

V5.0

CLIENTSSL_RENEGOTIATE

When a client-side SSL renegotiation is completed. It’s recommended not to use it as it’s not safe

V5.0

SERVERSSL_HANDSHAKE

When a server-side SSL handshake is completed.

V5.0

SERVERSSL_RENEGOTIATE

When a server-side SSL renegotiation is completed. It’s recommended not to use it as it’s not safe.

V5.0

AUTH_RESULT

When authentication(HTML Form / HTTP-basic) is done. If auth event detect, it still trigger the AUTH_RESULT.

LB:routing, ip commands, management commands and AUTH:commands can be used in AUTH_RESULT event.

The following commands are support in AUTH_RESULT.

HTTP:"uri_get path_get method_get query_get"

LB:"routing"

AUTH:"result success gen_renew_cookie flags need_renew_cookie clear_renew_cookie on_off clt_meth form_based method auth_flags author_type sso_group relay_type sess_timeout set_timeout the user pass realm the usergroup host uri sso_domain domain_prefix logoff"

IP:"client_port local_port remote_port client_addr local_addr remote_addr client_ip_ver"

MGM:"rand_id get_session_id disable_event enable_event set_event set_auto disable_auto enable_auto"

V5.2

COOKIE_BAKE

When FortiADC is done baking an authentication cookie.

V5.2

Events

Event Name Description Available Version

RULE_INIT

When initializing the script.

V5.2 and earlier

VS_LISTENER_BIND

When a VS tries to bind.

Right now, allows the user to set tcp options, later can be used to config VS.

TCP:sockopt() and MGM:set_event(“vs_listener_bind”) are available.

V5.2

TCP_ACCEPTED

When a TCP connection from a client is accepted.

V5.0

TCP_CLOSED

When a TCP connection from a client is to be closed.

V5.0

HTTP_REQUEST

When a HTTP request comes from a client.

V4.3

HTTP_DATA_REQUEST

Allows the user to manipulate http request data.

V4.8 and later

SERVER_BEFORE_CONNECT

When connecting to the backend real server.

TCP:sockopt() and management commands are available.

IP:client_port()/client_addr()/client_ip_ver() are available.

V5.2

SERVER_CONNECTED

When Httproxy deems that the backend real server is connected.

TCP:sockopt() and management commands are available.

Server-side IP functions are available.

V5.2

HTTP_RESPONSE

When a HTTP response comes from real server.

V4.3

HTTP_DATA_RESPONSE

Alllows the user to manipulate http response data.

V4.8 and later

SERVER_CLOSED

When Httproxy is going to terminate the backend real server connection.

V5.2

CLIENTSSL_HANDSHAKE

When a client-side SSL handshake is completed.

V5.0

CLIENTSSL_RENEGOTIATE

When a client-side SSL renegotiation is completed. It’s recommended not to use it as it’s not safe

V5.0

SERVERSSL_HANDSHAKE

When a server-side SSL handshake is completed.

V5.0

SERVERSSL_RENEGOTIATE

When a server-side SSL renegotiation is completed. It’s recommended not to use it as it’s not safe.

V5.0

AUTH_RESULT

When authentication(HTML Form / HTTP-basic) is done. If auth event detect, it still trigger the AUTH_RESULT.

LB:routing, ip commands, management commands and AUTH:commands can be used in AUTH_RESULT event.

The following commands are support in AUTH_RESULT.

HTTP:"uri_get path_get method_get query_get"

LB:"routing"

AUTH:"result success gen_renew_cookie flags need_renew_cookie clear_renew_cookie on_off clt_meth form_based method auth_flags author_type sso_group relay_type sess_timeout set_timeout the user pass realm the usergroup host uri sso_domain domain_prefix logoff"

IP:"client_port local_port remote_port client_addr local_addr remote_addr client_ip_ver"

MGM:"rand_id get_session_id disable_event enable_event set_event set_auto disable_auto enable_auto"

V5.2

COOKIE_BAKE

When FortiADC is done baking an authentication cookie.

V5.2