Jump to content
Welcome to our new Citrix community!

Classic to Advance policy conversion


Akbar Kotapalli

Recommended Posts

Any idea how to convert the below policies to advance?

 

add rewrite action RW_Replace_http_with_https_S_Act replace_all "HTTP.RES.BODY(9999999)" "\"https://\"" -pattern "http://" - In Use
add rewrite action RW_Replace_http_with_https_S_Act_Header_Location replace_all "HTTP.RES.HEADER(\"Location\")" "\"https://\"" -pattern "http://" - In Use

add rewrite action RW_Replace_http_with_https_N_Act replace_all "HTTP.RES.BODY(9999999)" "\"https://\"" -pattern "http://"  - In Use
add rewrite action T_HTTP_HTTPS_REWRITE replace_all "HTTP.REQ.BODY(99999999)" "\"https://\"" -pattern "http://" - In Use

 

Link to comment
Share on other sites

Ok - now that I had time to take a second look.

 

The issue is the -pattern expression which has changed in later releases to the SEARCH parameter and the Refine Search.

In the 11.1 guide here, you can see that Pattern was supported in 11.1 and announced for deprecation in 12.0.56.20 and later:  https://docs.citrix.com/en-us/netscaler/11-1/appexpert/rewrite/configuring-rewrite-action.html (search for pattern).  (I had forgotten this syntax existed.)

 

In later releases, the -pattern option is replaced with the -Search and -RefineSearch parameters.    

While the admin guide, documents the "search" types here (in 13.1 for this example, but similar capabilities in 12.1/13.0).

https://docs.citrix.com/en-us/citrix-adc/current-release/appexpert/rewrite.html.  Search for "Search a part of the request" to find section explaining types:

It will probably be easiest to look at it in the GUI the first time to see the change in options, and then you can configure once in GUI. Then identify cli, and then update the others.

Basics:  Search can be: text, regex, xpath, json, dataset, patternsets, or AVP.  It can be modified with "refine search", which uses an extend(m,n) format (see doc section noted).

 

----------

The below should accomplish what your originals are doing, but test first.

[originals]

[1a] add rewrite action RW_Replace_http_with_https_S_Act replace_all "HTTP.RES.BODY(9999999)" "\"https://\"" -pattern "http://" - In Use
[2a] add rewrite action RW_Replace_http_with_https_S_Act_Header_Location replace_all "HTTP.RES.HEADER(\"Location\")" "\"https://\"" -pattern "http://" - In Use

[3a] add rewrite action RW_Replace_http_with_https_N_Act replace_all "HTTP.RES.BODY(9999999)" "\"https://\"" -pattern "http://"  - In Use
[4a] add rewrite action T_HTTP_HTTPS_REWRITE replace_all "HTTP.REQ.BODY(99999999)" "\"https://\"" -pattern "http://" - In Use

 

[updated]

[1b] add rewrite action RW_Replace_http_with_https_S_Act2 replace_all "http.RES.BODY(9999999)" "\"https://\"" -search "text(\"http://\")"
[2b] add rewrite action RW_Replace_http_with_https_S_Act_Header_Location2 replace_all "http.RES.HEADER(\"Location\")" "\"https://\"" -search "text(\"http://\")"

[3b] add rewrite action RW_Replace_http_with_https_N_Act2 replace_all "http.RES.BODY(9999999)" "\"https://\"" -search "text(\"http://\")"
[4b] add rewrite action T_HTTP_HTTPS_REWRITE2 replace_all "http.REQ.BODY(9999999)" "\"https://\"" -search "text(\"http://\")"

 

Text vs. RegEx example in brief. Though text should be fine.

-search text("<textstring>")

-search regex(re~abc123~)

NOTE:  The regex is marked as regex(re~<pattern>~), where the regex must start and end with a character not appearing in the pattern you plan to use. In this example i used the tilde (~).

 

Link to comment
Share on other sites

  • 1 month later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...