Jump to content
Welcome to our new Citrix community!

if else statement for appexpert in messageaction


Recommended Posts

Hi Team,

 

Sorry if i'm asking a question that might not logic for appexpert. what i'm trying to do is to create an audit messageaction policy to be use for sending custom syslog to external syslog server whenever traffic hit specific vserver.  Now we are testing to log DNS request to external server. below are some of the variable that available for us to be used with the message action.

 

CLIENT.IP.SRC

CLIENT.UDP.DNS.DOMAIN

CLIENT.UDP.DNS.IS_AREC

and many more..

 

so far i can get most of the information required except the type of RR that client request. i'm not sure if is it possible to use any if else statement in messageaction. so i can force if CLIENT.UDP.DNS.IS_AREC then print ResourceRecord: A else if CLIENT.UDP.DNS.IS_AAAAREC then print ResourceRecord: AAAA and so on. for now i'm not able to do that. please advise how can i achieved that.

 

thanks,

Link to comment
Share on other sites

Hi Faizal,

 

I never dealt much with DNS on Netscaler, so it's just a guess, but have you had a look into the DNS.* policy tree?

 

For example: DNS.REQ.QUESTION.TYPE

From the help: "Returns DNS Record type. This object provides Num operations and DnsType Enum operations on the DNS Record Type."

(Or any other thing within the DNS.* tree, theres quite a few more options avaiable there)

 

Manuel

Link to comment
Share on other sites

Hi Manuel,

 

i have try DNS.* portion but it seems like it is not workable for messageaction. as it will directly give error when you try to save it. the only expression can be use is CLIENT SYS and HTTP only.

 

so far i manage to get the Resource Record using the CLIENT.UDP.DNS.IS_AREC. but i have to create a custom message action and apply to rewrite policy based on the specific messageaction.

 

but still looking for the best method if i want to add the record using sort of if else statement.

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...