Examples of built-in predefined scripts
As of V5.3.0, FortiADC has the following built-in scripts; the user can refer to these examples to finish their scripting as needed.
Predefined script |
Description |
---|---|
IP_COMMANDS |
Used to get various types IP Address and port number between client and server side. |
SNAT_COMMANDS |
Allows you to overwrite client source address to a specific IP for certain clients, also support IPv4toIPv6 or IPv6toIPv4 type. Note: Make sure the flag SOURCE ADDRESS is selected in the HTTP or HTTPS type of profile. |
SOCKOPT_COMMAND_USAGE |
Allows the user to customize the TCP_send buffer and TCP_receive buffer size. |
TCP_EVENTS_n_COMMANDS |
Demonstrates how to reject a TCP connection from a client in TCP_ACCEPTED event. |
GEOIP_UTILITY |
Used to fetch the GEO information country and possible province name of an IP address. |
CONTENT_ROUTING_by_URI |
Routes to a pool member based on URI string matches. You should not use this script as is. Instead, copy it and customize the URI string matches and pool member names. |
CONTENT_ROUTING_by_X_FORWARDED_FOR |
Routes to a pool member based on IP address in the X-Forwarded-For header. You should not use this script as is. Instead, copy it and customize the X-Fowarded-For header values and pool member names.
|
GENERAL_REDIRECT_DEMO |
Redirects requests to a URL with the user-defined code and cookie. Note: Do NOT use this script "as is". Instead, copy and customize the code, URL, and cookie. |
HTTP_2_HTTPS_REDIRECTION |
Redirects requests to the HTTPS site. You can use this script without changes |
HTTP_2_HTTPS_REDIRECTION_FULL_URL |
Redirects requests to the specified HTTPS URL. Note: This script can be used directly, without making any change. |
REDIRECTION_by_STATUS_CODE |
Redirects requests based on the status code of server HTTP response (for example, a redirect to the mobile version of a site). Do NOT use this script "as is". Instead, copy it and customize the condition in the server HTTP response status code and the URL values.
|
REDIRECTION_by_USER_AGENT |
Redirects requests based on User Agent (for example, a redirect to the mobile version of a site). You should not use this script as is. Instead, copy it and customize the User Agent and URL values |
REWRITE_HOST_n_PATH |
Rewrites the host and path in the HTTP request, for example, if the site is reorganized. You should not use this script as is. Instead, copy |
REWRITE_HTTP_2_HTTPS_in_LOCATION |
Rewrites HTTP location to HTTPS, for example, rewrite “Location:http://www.example.com” to “Location:https://www.example.com” Note: You can use the script directly, without making any change |
REWRITE_HTTP_2_HTTPS_in_REFERER |
Rewrites HTTP referer to HTTPS, for example, rewrite “Referer: http://www.example.com” to “Referer: https://www.example.com”. Note: You can use the script directly, without making any change. |
REWRITE_HTTPS_2_HTTP_in_LOCATION |
Rewrites HTTPS location to HTTP, for example, rewrite “Location:https://www.example.com” to “Location:http://www.example.com”. Note: You can use the script directly, without making any change.
|
REWRITE_HTTPS_2_HTTP_in_REFERER |
Rewrites HTTPS referer to HTTP, for example, rewrite “Referer: https://www.example.com” to “Referer: http://www.example.com”. Note: You can use the script directly, without making any change |
HTTP_DATA_FETCH_SET_DEMO |
Collects data in HTTP request body or HTTP response body. In HTTP_REQUEST or HTTP_RESPONSE, you could collect specified size data with “size” in collect().In HTTP_DATA_REQUEST or HTTP_DATA_RESPONSE. You could print the data use “content”, calculate data length with “size”, and rewrite the data with “set”. Note: Do NOT use this script "as is". Instead, copy it and manipulate the collected data. |
HTTP_DATA_FIND_REMOVE_REPLACE_DEMO |
Finds a specified string, removes a specified string, or replaces a specified string to new content in HTTP data. Note: Do NOT use this script "as is". Instead, copy it and manipulate the collected data. |
URL_UTILITY_COMMANDS |
Demonstrate how to use those url tools to encode/decode/parser/compare . |
USE_REQUEST_HEADERS_in_OTHER_EVENTS |
Stores a request header value in an event and uses it in other events. For example, you can store a URL in a request event, and use it in a response event. Note: Do NOT use this script "as is". Instead, copy it and customize the content you want to store, use collect() in HTTP_REQUEST to trigger HTTP_DATA_REQUEST,or use collect() in HTTP_ RESPONSE to trigger HTTP_DATA_ RESPONSE. |
SSL_EVENTS_n_COMMANDS |
Demonstrate how to fetch the SSL certificate information and some of the SSL connection parameters between server and client side. |
AUTH_COOKIE_BAKE |
Allows you to retrieve the baked cookie and edit the cookie content. |
AUTH_EVENTS_n_COMMANDS |
Used to get the information from authentication process. |
OPTIONAL_CLIENT_AUTHENTICATION |
Performs optional client authentication. Note: Before using this script, you must have the following four parameters configured in the client-ssl-profile: l client-certificate-verify—Set to the verify you'd like to use to verify the client certificate. l client-certificate-verify-option—Set to optional l ssl-session-cache-flag—Disable. l use-tls-tickets—Disable. l |
CUSTOMIZE_AUTH_KEY |
Demonstrate how to customize the crypto key for authentication cookie. |
COOKIE_COMMANDS |
Demonstrate the cookie command to get the whole cookie in a table and how to remove/insert/set the cookie attribute. |
COOKIE_COMMANDS_USAGE |
Demonstrate the sub-function to handle the cookie attribute "SameSite" and others. |
COOKIE_CRYPTO_COMMANDS |
Used to perform cookie encryption/decryption on behalf of the real server. |
AES_DIGEST_SIGN_2F_COMMANDS |
Demonstrate how to use AES to encryption/decryption data and some tools to generate the digest. |
CLASS_SEARCH_n_MATCH |
Demonstrates how to use the class_match and class_search utility function. |
COMPARE_IP_ADDR_2_ADDR_GROUP_DEMO |
Compares an IP address to an address group to determine if the IP address is included in the specified IP group. For example ,192.168.1.2 is included 192.168.1.0/24. Note: Do NOT use this script "as is". Instead, copy it and customize the IP address and the IP address group.
|
INSERT_RANDOM_MESSAGE_ID_DEMO |
Inserts a 32-bit hex string into the HTTP header with a parameter “Message-ID”. Note: You can use the script directly, without making any change.
|
MANAGEMENT_COMMANDS |
Allow you to disable/enable rest of the events from executing. |
UTILITY_FUNCTIONS_DEMO |
Demonstrates how to use the basic string operations and random number/alphabet, time, MD5, SHA1, SHA2, BASE64, BASE32, table to string conversion, network to host conversion utility function. |
SPECIAL_CHARACTERS_HANDLING_DEMO |
Shows how to use those "magic characters" which have special meanings when used in a certain pattern. The magic characters are ( ) . % + - * ? [ ] ^ $
|
MULTIPLE_SCRIPT_CONTROL_DEMO_1 |
Uses demo_1 and demo_2 script to show how multiple scripts work. Demo_1 with priority 12 has a higher priority. Note: You could enable or disable other events. Do NOT use this script "as is". Instead, copy it and customize the operation.
|
MULTIPLE_SCRIPT_CONTROL_DEMO_2 |
Uses demo_1 and demo_2 script to show how multiple scripts work. Demo_2 with priority 24 has a lower priority. Note: You could enable or disable other events. Do NOT use this script "as is". Instead, copy it and customize the operation |