Fortinet black logo

Script Reference Guide

Home FortiADC 7.2.4 Script Reference Guide
7.2.4
7.4.3
7.4.2
7.4.1
7.4.0
7.2.4
7.2.0
6.2.0
5.4.1
5.4.0
5.3.0

Global commands

Global commands

Crc32(str) — Returns the crc32 check value of the string, or 0 if it is an empty string.

Key_gen(str_pass, str_salt, iter_num, len_num) — Creates an AES key to encrypt/decrypt data, either generated by password or user defined.

Aes_enc(t) — Encrypts the data using the previously-created AES key.

Aes_dec(t) — Decrypts the data using the previously-created AES key.

EVP_Digest(alg, str) — EVP_Digest for one-shot digest calculation.

HMAC(alg, str, key) — HMAC message authentication code.

HMAC_verify(alg, data, key, verify) — Checks if the signature is the same as the current digest.

G2F(alg, key) — Returns a G2F random value.

Class_match(str, method, list) — Matches the string against an element.

Class_search(list, method, str) — Searches an element in the list against a string.

Cmp_addr() — Matches one IP address against a group of IP addresses. It can automatically detect IPv4 and IPv6 and can be used to compare IPv4 addresses with IPv6 addresses.

url_enc(str) — Converts the URL information into valid ASCII format.

url_dec(str) — Converts the encoding-URL into the original URL.

url_parser(str) — Parses a URL, returns a table containing host, port, path, query, fragment, the username, password, etc., from the URL.

url_compare(url1, url2) — Compares two URL strings, returns true if they are the same.

Rand() — Generates a random number. Returns an integer number. After FortiADC reboots, the random number will be different.

srand(str) — Sets the random seed.

Rand_hex(int) — Generates a random number in HEX. Returns a string, length is the <int>.

Rand_alphanum(int) — Generates a random alphabet + number sequence. Returns a string, length is the <int>.

Rand_seq(int) — Generates a random number sequence. Returns a string, length is the <int>.

Time() — Returns the current time as a number in seconds. This is the time since the Epoch was measured.

Ctime() — Returns the current time as a string, for example, “Tue Jun 25 14:11:01 2019”.

gmtime() — Returns the GMT time as a string, for example, “Thu 27 Jun 2019 18:27:42 GMT”.

Md5(str) — Returns the MD5 calculated for the specified string.

Md5_hex(str) — Returns the MD5 value in hex as a string.

Md5_str(str) — Calculates the MD5 of a string input and stores the results in an intermediate variable, in some cases you need a version to deal with it.

Md5_hex_str(str) — Calculates the MD5 of a string input of a string input and outputs the results in HEX format, in some cases you need a version to deal with it.

Sha1(str) — Returns the SHA-1 calculated for the specified string.

Sha1_hex(str) — Returns the SHA-1 calculated for the string in hex.

Sha1_str(str) — Calculates the SHA-1 of a string input and stores the results in an intermediate variable, in some cases you need a version to deal with it.

Sha1_hex_str(str) — Calculates the SHA-1 of a string input and output the results in HEX format, in some cases you need a version to deal with it.

Sha256(str) — Calculates the SHA-256 of a string input and stores the result in an intermediate variable.

Sha256_hex(str) — Calculates the SHA-256 of a string input and outputs the result in an intermediate variable. In some cases you need a version to deal with it.

Sha256_str(str) — Calculates the SHA-256 of a string input and stores the result in an intermediate variable. In some cases you need a version to deal with it.

Sha256_hex_str(str) — Calculates the SHA-256 of a string input and stores the result in an intermediate variable. In some case you need a version to deal with it.

Sha384(str) — Calculates the SHA-384 of a string input and stores the result in an intermediate variable.

Sha384_hex(str) — Calculates the SHA-384 of a string input and outputs the result in an intermediate variable. In some cases you need a version to deal with it.

Sha384_str(str) — Calculates the SHA-384 of a string input and stores the result in an intermediate variable. In some cases you need a version to deal with it.

Sha384_hex_str(str) — Calculates the SHA-384 of a string input and stores the result in an intermediate variable. In some case you need a version to deal with it.

Sha512(str) — Calculates the SHA-512 of a string input and stores the result in an intermediate variable.

Sha512_hex(str) — Calculates the SHA-512 of a string input and outputs the result in an intermediate variable. In some cases you need a version to deal with it.

Sha512_str(str) — Calculates the SHA-512 of a string input and stores the result in an intermediate variable. In some cases you need a version to deal with it.

Sha512_hex_str(str) — Calculates the SHA-512 of a string input and stores the result in an intermediate variable. In some case you need a version to deal with it.

B32_enc(str) — Encodes a string input in Base32 and outputs the result in string format.

B32_enc_str(str) — Encodes a string input in Base32 and outputs the result in string format. In some cases you need a version to deal with it.

B32_dec(str) — Decodes a Base32 encoded string input and outputs the result in string format.

B32_dec_str(str) — Decodes a Base32 encoded string input and outputs the result in string format. In some cases you need a version to deal with it.

B64_enc(str) — Encodes a string input in Base64 and outputs the result in string format.

B64_dec(str) — Decodes a Base64 encoded string input and outputs the result in string format.

Get_pid() — Returns the PID value of the VS process.

Table_to_string(t) — Returns the table in a string.

Htonl(int) — Converts a 32 bit long integer from host byte order to network byte order.

Ntohs(int) — Converts a 16 bit short integer from network byte order to host byte order.

Htons(int) — Converts a 16 bit short integer from host byte order to network byte order.

Ntohl(int) — When receiving long integers in HTTP response from the network, this command converts a 32 bit long integer from network byte order to host byte order.

To_HEX(str) — Returns the HEX calculate of the string.

Debug(str) — Prints the debug information when VS using scripting.

Log(str) — Prints the scripting running information in log format. When using this command, you should enable scripting log.

File_open(path, str) — Opens a file, returns a file object.

File_get(file, size) — Returns the file content.

File_close(file) — Closes a file.

Crc32(str)

Returns the crc32 check value of the string, or 0 if it is an empty string.

Syntax

crc32(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
str = "any string for crc32 calculation"
crc = crc32(str);
debug("crc is %d\n", crc);
}

FortiADC version: V5.2

Used in events: ALL

Key_gen(str_pass, str_salt, iter_num, len_num)

Creates an AES key to encrypt/decrypt data, either generated by password or user defined.

Syntax

key_gen(str_pass, str_salt, iter_num, len_num);

Arguments
Name Description

str_pass

The password string.

str_salt

The salt string.

iter_num

The number of iterations.

len_num

The key length.
Example
when HTTP_REQUEST {
new_key = key_gen("pass", "salt", 32, 32);     -- first parameter is the password string, second the salt string, third the number of iterations, fourth the key length
debug("new key in hex is %s\n", to_HEX(new_key));
}

FortiADC version: V5.2

Used in events: ALL

Aes_enc(t)

Encrypts the data using the previously-created AES key.

Syntax

Aes_enc(t);

Arguments
Name Description

t

A table which specifies the message, key, and key size that was used to encrypt.
Example
when HTTP_REQUEST {
t={};
t["message"]  = "MICK-TEST";
t["key"]  = "aaaaaaaaaabbbbbb"            --16bit
t["size"]= 128        -- 128, 192, or 256, the corresponding key length is 16, 24, and 32
enc = aes_enc(t)
debug("The aes_enc output to HEX\n %s\n",to_HEX(enc));
}

Note:

  • Message: a string which will be encrypted
  • Key: a string to encrypt str
  • Size: must be 128, 192, or 256, the corresponding key length is 16, 24, and 32

FortiADC version: V5.2

Used in events: ALL

Aes_dec(t)

Decrypts the data using the previously-created AES key.

Syntax

Aes_dec(t);

Arguments
Name Description

t

A table which specifies the message, key, and key size that was used to decrypt.
Example
when HTTP_REQUEST {
t={};
t["message"]  = "MICK-TEST";
t["key"]  = "aaaaaaaaaabbbbbb"
t["size"]= 128 -- 128, 192, or 256, the corresponding key length is 16, 24, and 32
enc = aes_enc(t)
--aes decryption
a={};
a["message"]  = enc;
a["key"]  = "aaaaaaaaaabbbbbb"
a["size"]= 128;
dec = aes_dec(a);
debug("key length %s decrypted is %s\n",”128” ,dec);
}

Note:

  • Message: a string which will be decrypted
  • Key: a string to decrypt str
  • Size: must be 128, 192, or 256, the corresponding key length is 16, 24, and 32

FortiADC version: V5.2

Used in events: ALL

EVP_Digest(alg, str)

EVP_Digest for one-shot digest calculation.

Syntax

EVP_Digest(alg, str);

Arguments
Name Description

alg

A string which specifies the algorithm.

str

A string which will be EVP_Digested.
Example
when HTTP_REQUEST {
alg = "MD5"; -- or "SHA1", "SHA256", "SHA384", "SHA512"
data = "your data"
re = EVP_Digest(alg, data);
debug("the digest in hex is %s\n", to_HEX(re));
}

Note:

Alg: type of hashing algorithms to use, must be MD5, SHA1, SHA256, SHA384, SHA512

FortiADC version: V5.2

Used in events: ALL

HMAC(alg, str, key)

HMAC message authentication code.

Syntax

HMAC(alg, str, key);

Arguments
Name Description

alg

A string which specifies the algorithm.

str

A string which will be calculated.

key

A string which is a secret key.
Example
when HTTP_REQUEST {
alg = "MD5"; -- or "SHA1", "SHA256", "SHA384", "SHA512"
data = "your data"
key  = "123456789ABCDEF0123456789ABCDEF\121"; -- or you can generate a key using key_gen
re = HMAC(alg, data, key);
debug("the HMAC in hex is %s\n", to_HEX(re));
}

Note:

Alg: type of hashing algorithms to use, must be MD5, SHA1, SHA256, SHA384, SHA512

FortiADC version: V5.2

Used in events: ALL

HMAC_verify(alg, data, key, verify)

Checks if the signature is the same as the current digest.

Syntax

HMAC_verify(alg, data, key verify);

Arguments
Name Description

alg

A string which specifies the algorithm.

key

A string which is a secret key.

data

A string which will be calculated.

verify

A signature to compare the current digest against.
Example
when HTTP_REQUEST {
alg = "MD5"; -- or "SHA1", "SHA256", "SHA384", "SHA512"
data = "your data"
verify = "your result to compare"
key  = "123456789ABCDEF0123456789ABCDEF\121"; -- or you can generate a key using key_gen
re = HMAC_verify(alg, data, key, verify);
if re then
debug("verified\n")
else
debug("not verified\n")
end
}

Note:

Alg: type of hashing algorithms to use, must be MD5, SHA1, SHA256, SHA384, SHA512

FortiADC version: V5.2

Used in events: ALL

G2F(alg, key)

Returns a G2F random value.

Syntax

G2F(alg, key);

Arguments
Name Description

alg

A string which specifies the algorithm.

key

A string which is a secret key.
Example
when HTTP_REQUEST {
alg = "MD5"; -- or "SHA1", "SHA256", "SHA384", "SHA512"
key  = "123456789ABCDEF0123456789ABCDEF\121"; -- or you can generate a key using key_gen
re = G2F(alg, key);
debug("the G2F value is %d\n", re);
}

Note:

Alg: type of hashing algorithms to use, must be MD5, SHA1, SHA256, SHA384, SHA512

FortiADC version: V5.2

Used in events: ALL

Class_match(str, method, list)

Matches the string against an element.

Syntax

Class_match(str, method, list);

Arguments
Name Description

str

A string which will be matched.

method

A string which specifies the match method

list

A list which specifies the match target.
Example
when HTTP_REQUEST {
url_list = “”
url = HTTP:uri_get()
status, count, t = class_match(url, "starts_with", url_list);    --or "ends_with", "equals", "contains"
debug("status %s, count %s\n", status, count);
for k,v in pairs(t) do
debug("index %s, value %s\n", k,v);
end
}

Note:

Method: must be “starts_with”, “equals”, “contains”, “end_with”

This command return three parameters, first “status”: true or false means if match or not; second “count”: return the number of times matches; third “t”: return matched index and matched value in the list.

FortiADC version: V5.2

Used in events: ALL

Class_search(list, method, str)

Searches an element in the list against a string.

Syntax

Class_search(list, method, str);

Arguments
Name Description

str

A string which will be calculated.

list

A string which will be matched.

method

A string which specifies the match method.
Example
when HTTP_REQUEST {
status, count, t = class_search(url_list, "starts_with", url);     --or "ends_with",  "equals", "contains"
for k,v in pairs(t) do
debug("index %s, value %s\n", k,v);
end
}

Note:

Method: , must be “starts_with”, “equals”, “contains”, “end_with”

FortiADC version: V5.2

Used in events: ALL

Cmp_addr()

Matches one IP address against a group of IP addresses. It can automatically detect IPv4 and IPv6 and can be used to compare IPv4 addresses with IPv6 addresses.

Syntax

Cmp_addr(client_Ip, addr_group );

Arguments
Name Description

Client_ip

For an IPv4 ip_addr/[mask], the mask can be a number between 0 and 32 or a dotted format like 255.255.255.0

For an IPv6 ip_addr/[mask], the mask can be a number between 0 and 128.

Addr_group

A group of IP address.

addr_group = "192.168.1.0/24" --first network address

addr_group = addr_group..",::ffff:172.30.1.0/120" --second

network address
Example

when RULE_INIT{

--initialize the address group here

--for IPv4 address, mask can be a number between 0 to 32 or a dotted format

--support both IPv4 and IPv6, for IPv6, the mask is a number between 0 and 128

addr_group = "192.168.1.0/24"

addr_group = addr_group..",172.30.1.0/255.255.0.0"

addr_group = addr_group..",::ffff:172.40.1.0/120"

}

when HTTP_REQUEST{

client_ip = HTTP:client_addr()

matched = cmp_addr(client_ip, addr_group)

if matched then

debug("client ip found in address group\n");

else

debug("client ip not in address group\n");

end

}

FortiADC version: V4.8

Used in events: ALL

url_enc(str)

Converts the URL information into valid ASCII format.

Syntax

url_enc(str);

Arguments
Name Description

str

A string which will be converted.
Example
when HTTP_REQUEST {
url_list =https://abc.www.123.bbEEE.com/?5331=212&qe1=222
debug("Ori= %s \nencodeed= %s\n", url_list,url_enc(url_list));
}

FortiADC version: V5.2

Used in events: ALL

url_dec(str)

Converts the encoding-URL into the original URL.

Syntax

url_dec(str);

Arguments
Name Description

str

A string which will be converted.
Example
when HTTP_REQUEST {
str = "http%3A%2F%2Fwww.example.com%3A890%2Furl%2Fpath%2Fdata%3Fname%3Dforest%23nose“
debug("String= %s\ndecoded= %s\n", str,url_dec(str));
}

FortiADC version: V5.2

Used in events: ALL

url_parser(str)

Parses a URL, returns a table containing host, port, path, query, fragment, the username, password, etc., from the URL.

Syntax

url_parser(str);

Arguments
Name Description

str

A url which will be parser.

Example
when HTTP_REQUEST {
url_list="http://foo:bar@w1.superman.com/very/long/path.html?p1=v1&p2=v2#more-details"
purl = url_parser(url_list);
debug("parsed url scheme %s host %s\n port %s path %s query %s\n fragment %s, the username %s\n passowrd %s\n", purl["scheme"], purl["host"], purl["port"],purl["path"], purl["query"], purl["fragment"], purl["username"], purl["password"]);
}

FortiADC version: V5.2

Used in events: ALL

url_compare(url1, url2)

Compares two URL strings, returns true if they are the same.

Syntax

url_compare(url1, url2);

Arguments
Name Description

url1, url2

Two urls which will be compared.

Example
when HTTP_REQUEST {
url_list={};
url_list[1]="http://10.10.10.10:80/"
url_list[2]="http://10.10.10.10/"
url_list[3]="https://5.5.5.5:443/"
url_list[4]="https://5.5.5.5/"
url_list[5]="http://[2001::1]:80"
url_list[6]="http://[2001::1]"
url_list[7]="https://[2001:99:1]:443"
url_list[8]="https://[2001:99:1]"
for i = 1,8,2 do
if url_compare(url_list[i],url_list[i+1]) then
debug("URL_List %d %d Match !\n",i,i+1);
else
debug("URL_List %d %d NOT Match !\n",i,i+1);
end
end
}

FortiADC version: V5.2

Used in events: ALL

Rand()

Generates a random number. Returns an integer number. After FortiADC reboots, the random number will be different.

Syntax

rand();

Arguments

N/A

Example
when HTTP_REQUEST {
a = rand()
debug(“a = %d\n”, a)
}

FortiADC version: V5.2

Used in events: ALL

srand(str)

Sets the random seed.

Syntax

srand(str);

Arguments
Name Description

str

A string which specifies the seed.

Example
when HTTP_REQUEST {
srand(1111)
a = rand()
debug(“a = %d\n”, a)
}

FortiADC version: V5.2

Used in events: ALL

Rand_hex(int)

Generates a random number in HEX. Returns a string, length is the <int>.

Syntax

Rand_hex(int);

Arguments
Name Description

Int

An integer which specifies the length of the returned string.

Example
when HTTP_REQUEST {
b = rand_hex(15)
debug("-----rand_hex b = %s-----\n", b)
}
Result:
-----rand_hex b = 43474FB47A8A8C4-----

FortiADC version: V5.2

Used in events: ALL

Rand_alphanum(int)

Generates a random alphabet + number sequence. Returns a string, length is the <int>.

Syntax

Random_alphanum(int);

Arguments
Name Description

Int

An integer which specifies the length of the returned string.

Example
when HTTP_REQUEST {
c = rand_alphanum(17)
debug("-----rand_alphanum c = %s-----\n", c)
}
Result:
-----rand_alphanum c = XTHQpb6ngabMqH7nx-----

FortiADC version: V5.2

Used in events: ALL

Rand_seq(int)

Generates a random number sequence. Returns a string, length is the <int>.

Syntax

Rand_seq(int);

Arguments
Name Description

Int

An integer which specifies the length of the returned string.

Example
when HTTP_REQUEST {
d = rand_seq(18)
debug("-----rand_seq d = %s-----\n", d)
}
Result:

-----rand_seq = 329514876985314568-----

FortiADC version: V5.2

Used in events: ALL

Time()

Returns the current time as a number in seconds. This is the time since the Epoch was measured.

Syntax

time();

Arguments

N/A

Example
when HTTP_REQUEST {
t = time()
debug(“-----time: t %s-----\n”, t)
}
Result:
-----time: t 1561424783-----

FortiADC version: V4.8

Used in events: ALL

Ctime()

Returns the current time as a string, for example, “Tue Jun 25 14:11:01 2019”.

Syntax

ctime();

Arguments

N/A

Example
when HTTP_REQUEST {
ct = ctime()
debug(“-----ctime: ct %s-----\n”, ct)
}
Result:
-----ctime: ct Mon Jun 24 18:06:23 2019-----

FortiADC version: V4.8

Used in events: ALL

gmtime()

Returns the GMT time as a string, for example, “Thu 27 Jun 2019 18:27:42 GMT”.

Syntax

gmtime();

Arguments

N/A

Example
when HTTP_REQUEST {
gt = gmtime()
debug(“-----gmtime: gt %s-----\n”, gt)
}
Result:
-----gmtime: gt Thu 27 Jun 2019 18:27:42 GMT -----

FortiADC version: V5.3

Used in events: ALL

Md5(str)

Returns the MD5 calculated for the specified string.

Syntax

Md5(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
str1 = “abc”
md5 = md5(str1)
str = “test string”
a=12
md = md5(“%s,123%d”,str,a)
}

FortiADC version: V4.8

Used in events: ALL

Md5_hex(str)

Returns the MD5 value in hex as a string.

Syntax

Md5_hex(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
str1 = “abc”
str2 = md5_hex(str1)
}

FortiADC version: V4.8

Used in events: ALL

Md5_str(str)

Calculates the MD5 of a string input and stores the results in an intermediate variable, in some cases you need a version to deal with it.

Syntax

Md5_str(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
md5 = md5_str(input);     --input can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

Md5_hex_str(str)

Calculates the MD5 of a string input of a string input and outputs the results in HEX format, in some cases you need a version to deal with it.

Syntax

Md5_hex_str(str);

Arguments
Name Description

str

A string which will be calculated.
Example
when HTTP_REQUEST {
md = md5_hex_str(input);   --input  can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

Sha1(str)

Returns the SHA-1 calculated for the specified string.

Syntax

Sha1(str);

Arguments
Name Description

str

A string which will be calculated.
Example
when HTTP_REQUEST {
result = sha1(input)
}

FortiADC version: V4.8

Used in events: ALL

Sha1_hex(str)

Returns the SHA-1 calculated for the string in hex.

Syntax

Sha1_hex(str);

Arguments
Name Description

str

A string which will be calculated.
Example
when HTTP_REQUEST {
str1 = “123456789”
sha1 = sha1_hex(str1)
}

FortiADC version: V4.8

Used in events: ALL

Sha1_str(str)

Calculates the SHA-1 of a string input and stores the results in an intermediate variable, in some cases you need a version to deal with it.

Syntax

Sha1_str(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
result = sha1_str(input);   --input can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

Sha1_hex_str(str)

Calculates the SHA-1 of a string input and output the results in HEX format, in some cases you need a version to deal with it.

Syntax

Sha1_hex_str(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
result = sha1_hex_str(input);  -- input can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

Sha256(str)

Calculates the SHA-256 of a string input and stores the result in an intermediate variable.

Syntax

Sha256(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
str1 = “abc”
str2 = sha256(str1)
}

FortiADC version: V4.8

Used in events: ALL

Sha256_hex(str)

Calculates the SHA-256 of a string input and outputs the result in an intermediate variable. In some cases you need a version to deal with it.

Syntax

Sha256_hex(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
str1 = “abc”
sha256 = sha256_hex(str)
}

FortiADC version: V4.8

Used in events: ALL

Sha256_str(str)

Calculates the SHA-256 of a string input and stores the result in an intermediate variable. In some cases you need a version to deal with it.

Syntax

Sha256_str(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
result = sha256_str(input);   --input can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

Sha256_hex_str(str)

Calculates the SHA-256 of a string input and stores the result in an intermediate variable. In some case you need a version to deal with it.

Syntax

Sha256_hex_str(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
result = sha256_hex_str(input); --input can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

Sha384(str)

Calculates the SHA-384 of a string input and stores the result in an intermediate variable.

Syntax

Sha384(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
str1 = “abc”
str2 = sha384(str1)
}

FortiADC version: V4.8

Used in events: ALL

Sha384_hex(str)

Calculates the SHA-384 of a string input and outputs the result in an intermediate variable. In some cases you need a version to deal with it.

Syntax

Sha384_hex(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
str1 = “abc”
sha384 = sha384_hex(str)
}

FortiADC version: V4.8

Used in events: ALL

Sha384_str(str)

Calculates the SHA-384 of a string input and stores the result in an intermediate variable. In some cases you need a version to deal with it.

Syntax

Sha384_str(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
result = sha384_str(input);   --input can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

Sha384_hex_str(str)

Calculates the SHA-384 of a string input and stores the result in an intermediate variable. In some case you need a version to deal with it.

Syntax

Sha384_hex_str(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
result = sha384_hex_str(input); --input can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

Sha512(str)

Calculates the SHA-512 of a string input and stores the result in an intermediate variable.

Syntax

Sha512(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
str1 = “abc”
str2 = sha512(str1)
}

FortiADC version: V4.8

Used in events: ALL

Sha512_hex(str)

Calculates the SHA-512 of a string input and outputs the result in an intermediate variable. In some cases you need a version to deal with it.

Syntax

Sha512_hex(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
str1 = “abc”
sha512 = sha512_hex(str)
}

FortiADC version: V4.8

Used in events: ALL

Sha512_str(str)

Calculates the SHA-512 of a string input and stores the result in an intermediate variable. In some cases you need a version to deal with it.

Syntax

Sha512_str(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
result = sha512_str(input);   --input can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

Sha512_hex_str(str)

Calculates the SHA-512 of a string input and stores the result in an intermediate variable. In some case you need a version to deal with it.

Syntax

Sha512_hex_str(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
result = sha512_hex_str(input); --input can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

B32_enc(str)

Encodes a string input in Base32 and outputs the result in string format.

Syntax

B32_enc(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
str = “abc”
en = b32_enc(str)
}

FortiADC version: V5.2

Used in events: ALL

B32_enc_str(str)

Encodes a string input in Base32 and outputs the result in string format. In some cases you need a version to deal with it.

Syntax

B32_enc_str(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
result = b32_enc_str(input);    --input can be a cert in DER format
}

FortiADC version: V5.2

Used in events: ALL

B32_dec(str)

Decodes a Base32 encoded string input and outputs the result in string format.

Syntax

B32_dec(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
str = “abc”
dec = b32_dec(str)
}

FortiADC version: V5.2

Used in events: ALL

B32_dec_str(str)

Decodes a Base32 encoded string input and outputs the result in string format. In some cases you need a version to deal with it.

Syntax

B32_dec_str(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
result = b32_dec_str(input);    --input can be a cert in DER format
}

FortiADC version: V5.2

Used in events: ALL

B64_enc(str)

Encodes a string input in Base64 and outputs the result in string format.

Syntax

B64_enc(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
result = b64_enc(input);
--Input can be general format:
str=”test string”
a=12
en=b64_enc(“%s, 123 %d”, str, a);
}

FortiADC version: V4.8

Used in events: ALL

B64_dec(str)

Decodes a Base64 encoded string input and outputs the result in string format.

Syntax

B64_dec(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
result = b64_dec(input);
str=”test string”
a=12
de=b64_dec(“%s, 123 %d”, str, a);
}

FortiADC version: V4.8

Used in events: ALL

Get_pid()

Returns the PID value of the VS process.

Syntax

Get_pid();

Arguments

N/A

Example
when HTTP_REQUEST {
pid = get_pid();
debug(“VS PID is : %d\n”, pid)
}

FortiADC version: V5.2

Used in events: ALL

Table_to_string(t)

Returns the table in a string.

Syntax

Table_to_string(t);

Arguments
Name Description

t

The table which specifies the information.
Example
when HTTP_REQUEST {
t={};
t[1]=97;
t[2]=98;
t[3]=99;
t[4]=1;
str = table_to_string(t);
debug(“str is %s\n”, str)
}
Result:
str is abc

FortiADC version: V4.8

Used in events: ALL

Htonl(int)

Converts a 32 bit long integer from host byte order to network byte order.

Syntax

htonl(int);

Arguments
Name Description

int

An integer which will be calculated.
Example
when HTTP_REQUEST {
str="0x12345678"
test=htonl(str)
debug("return : %x \n", test)
}
Result:
return: 78563412

FortiADC version: V4.8

Used in events: ALL

Ntohs(int)

Converts a 16 bit short integer from network byte order to host byte order.

Syntax

ntohs(int);

Arguments
Name Description

int

An integer which will be calculated.
Example
when HTTP_REQUEST {
str="0x12345678"
test=ntohs(str)
debug("return : %x \n", test)
}
Result:
Return: 7856

FortiADC version: V4.8

Used in events: ALL

Htons(int)

Converts a 16 bit short integer from host byte order to network byte order.

Syntax

htons(int);

Arguments
Name Description

int

An integer which will be calculated.
Example
when HTTP_REQUEST {
str="0x12345678"
test=htons(str)
debug("return : %x \n", test)
}
Result
Return: 7856

FortiADC version: V4.8

Used in events: ALL

Ntohl(int)

When receiving long integers in HTTP response from the network, this command converts a 32 bit long integer from network byte order to host byte order.

Syntax

ntohl(int);

Arguments
Name Description

int

An integer which will be calculated.
Example
when HTTP_REQUEST {
str="0x12345678"
test=ntohl(str)
debug("return : %x \n", test)
log("record a log: %x \n", test)
}
Result:
return: 78563412

FortiADC version: V4.8

Used in events: ALL

To_HEX(str)

Returns the HEX calculate of the string.

Syntax

To_HEX(str);

Arguments
Name Description

str

A string which will be calculated.
Example
when HTTP_REQUEST {
str = “\0\123\3”
hex = to_HEX(str)
debug(“this str in hex is: %s\n”, hex)
}

FortiADC version: V4.8

Used in events: ALL

Debug(str)

Prints the debug information when VS using scripting.

Syntax

debug(str);

Arguments
Name Description

str

A string which will be printed.
Example
when HTTP_REQUEST {
debug(“http request method is %s.\n”, HTTP:method_get())
}

FortiADC version: V4.3

Used in events: ALL

Log(str)

Prints the scripting running information in log format. When using this command, you should enable scripting log.

Syntax

log(str);

Arguments
Name Description

str

A string which will be logged.
Example
when HTTP_REQUEST {
log(“http request method is %s.\n”, HTTP:method_get())
}

FortiADC version: V4.8

Used in events: ALL

File_open(path, str)

Opens a file, returns a file object.

Syntax

File_open(path, str);

Arguments
Name Description

str

A string which specifies the method to open the file.

path

A string which specifies the file path.
Example
when HTTP_REQUEST {
filepath = "/etc/resolv.conf";
fp = file_open(filepath,"r");
if not fp then
debug("file open failed\n");
end
repeat
line = file_gets(fp, 256);
if line then
debug("line %s", line);
end
until not line
file_close(fp);
}

FortiADC version: V5.2

Used in events: ALL

File_get(file, size)

Returns the file content.

Syntax

File_get(file, size);

Arguments
Name Description

file

A file object that get from file_open()

FortiADC version: V5.2

Used in events: ALL

File_close(file)

Closes a file.

Syntax

File_close(file);

Arguments
Name Description

file

A file object which will be closed.

FortiADC version: V5.2

Used in events: ALL

Previous
Next

Global commands

Crc32(str) — Returns the crc32 check value of the string, or 0 if it is an empty string.

Key_gen(str_pass, str_salt, iter_num, len_num) — Creates an AES key to encrypt/decrypt data, either generated by password or user defined.

Aes_enc(t) — Encrypts the data using the previously-created AES key.

Aes_dec(t) — Decrypts the data using the previously-created AES key.

EVP_Digest(alg, str) — EVP_Digest for one-shot digest calculation.

HMAC(alg, str, key) — HMAC message authentication code.

HMAC_verify(alg, data, key, verify) — Checks if the signature is the same as the current digest.

G2F(alg, key) — Returns a G2F random value.

Class_match(str, method, list) — Matches the string against an element.

Class_search(list, method, str) — Searches an element in the list against a string.

Cmp_addr() — Matches one IP address against a group of IP addresses. It can automatically detect IPv4 and IPv6 and can be used to compare IPv4 addresses with IPv6 addresses.

url_enc(str) — Converts the URL information into valid ASCII format.

url_dec(str) — Converts the encoding-URL into the original URL.

url_parser(str) — Parses a URL, returns a table containing host, port, path, query, fragment, the username, password, etc., from the URL.

url_compare(url1, url2) — Compares two URL strings, returns true if they are the same.

Rand() — Generates a random number. Returns an integer number. After FortiADC reboots, the random number will be different.

srand(str) — Sets the random seed.

Rand_hex(int) — Generates a random number in HEX. Returns a string, length is the <int>.

Rand_alphanum(int) — Generates a random alphabet + number sequence. Returns a string, length is the <int>.

Rand_seq(int) — Generates a random number sequence. Returns a string, length is the <int>.

Time() — Returns the current time as a number in seconds. This is the time since the Epoch was measured.

Ctime() — Returns the current time as a string, for example, “Tue Jun 25 14:11:01 2019”.

gmtime() — Returns the GMT time as a string, for example, “Thu 27 Jun 2019 18:27:42 GMT”.

Md5(str) — Returns the MD5 calculated for the specified string.

Md5_hex(str) — Returns the MD5 value in hex as a string.

Md5_str(str) — Calculates the MD5 of a string input and stores the results in an intermediate variable, in some cases you need a version to deal with it.

Md5_hex_str(str) — Calculates the MD5 of a string input of a string input and outputs the results in HEX format, in some cases you need a version to deal with it.

Sha1(str) — Returns the SHA-1 calculated for the specified string.

Sha1_hex(str) — Returns the SHA-1 calculated for the string in hex.

Sha1_str(str) — Calculates the SHA-1 of a string input and stores the results in an intermediate variable, in some cases you need a version to deal with it.

Sha1_hex_str(str) — Calculates the SHA-1 of a string input and output the results in HEX format, in some cases you need a version to deal with it.

Sha256(str) — Calculates the SHA-256 of a string input and stores the result in an intermediate variable.

Sha256_hex(str) — Calculates the SHA-256 of a string input and outputs the result in an intermediate variable. In some cases you need a version to deal with it.

Sha256_str(str) — Calculates the SHA-256 of a string input and stores the result in an intermediate variable. In some cases you need a version to deal with it.

Sha256_hex_str(str) — Calculates the SHA-256 of a string input and stores the result in an intermediate variable. In some case you need a version to deal with it.

Sha384(str) — Calculates the SHA-384 of a string input and stores the result in an intermediate variable.

Sha384_hex(str) — Calculates the SHA-384 of a string input and outputs the result in an intermediate variable. In some cases you need a version to deal with it.

Sha384_str(str) — Calculates the SHA-384 of a string input and stores the result in an intermediate variable. In some cases you need a version to deal with it.

Sha384_hex_str(str) — Calculates the SHA-384 of a string input and stores the result in an intermediate variable. In some case you need a version to deal with it.

Sha512(str) — Calculates the SHA-512 of a string input and stores the result in an intermediate variable.

Sha512_hex(str) — Calculates the SHA-512 of a string input and outputs the result in an intermediate variable. In some cases you need a version to deal with it.

Sha512_str(str) — Calculates the SHA-512 of a string input and stores the result in an intermediate variable. In some cases you need a version to deal with it.

Sha512_hex_str(str) — Calculates the SHA-512 of a string input and stores the result in an intermediate variable. In some case you need a version to deal with it.

B32_enc(str) — Encodes a string input in Base32 and outputs the result in string format.

B32_enc_str(str) — Encodes a string input in Base32 and outputs the result in string format. In some cases you need a version to deal with it.

B32_dec(str) — Decodes a Base32 encoded string input and outputs the result in string format.

B32_dec_str(str) — Decodes a Base32 encoded string input and outputs the result in string format. In some cases you need a version to deal with it.

B64_enc(str) — Encodes a string input in Base64 and outputs the result in string format.

B64_dec(str) — Decodes a Base64 encoded string input and outputs the result in string format.

Get_pid() — Returns the PID value of the VS process.

Table_to_string(t) — Returns the table in a string.

Htonl(int) — Converts a 32 bit long integer from host byte order to network byte order.

Ntohs(int) — Converts a 16 bit short integer from network byte order to host byte order.

Htons(int) — Converts a 16 bit short integer from host byte order to network byte order.

Ntohl(int) — When receiving long integers in HTTP response from the network, this command converts a 32 bit long integer from network byte order to host byte order.

To_HEX(str) — Returns the HEX calculate of the string.

Debug(str) — Prints the debug information when VS using scripting.

Log(str) — Prints the scripting running information in log format. When using this command, you should enable scripting log.

File_open(path, str) — Opens a file, returns a file object.

File_get(file, size) — Returns the file content.

File_close(file) — Closes a file.

Crc32(str)

Returns the crc32 check value of the string, or 0 if it is an empty string.

Syntax

crc32(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
str = "any string for crc32 calculation"
crc = crc32(str);
debug("crc is %d\n", crc);
}

FortiADC version: V5.2

Used in events: ALL

Key_gen(str_pass, str_salt, iter_num, len_num)

Creates an AES key to encrypt/decrypt data, either generated by password or user defined.

Syntax

key_gen(str_pass, str_salt, iter_num, len_num);

Arguments
Name Description

str_pass

The password string.

str_salt

The salt string.

iter_num

The number of iterations.

len_num

The key length.
Example
when HTTP_REQUEST {
new_key = key_gen("pass", "salt", 32, 32);     -- first parameter is the password string, second the salt string, third the number of iterations, fourth the key length
debug("new key in hex is %s\n", to_HEX(new_key));
}

FortiADC version: V5.2

Used in events: ALL

Aes_enc(t)

Encrypts the data using the previously-created AES key.

Syntax

Aes_enc(t);

Arguments
Name Description

t

A table which specifies the message, key, and key size that was used to encrypt.
Example
when HTTP_REQUEST {
t={};
t["message"]  = "MICK-TEST";
t["key"]  = "aaaaaaaaaabbbbbb"            --16bit
t["size"]= 128        -- 128, 192, or 256, the corresponding key length is 16, 24, and 32
enc = aes_enc(t)
debug("The aes_enc output to HEX\n %s\n",to_HEX(enc));
}

Note:

  • Message: a string which will be encrypted
  • Key: a string to encrypt str
  • Size: must be 128, 192, or 256, the corresponding key length is 16, 24, and 32

FortiADC version: V5.2

Used in events: ALL

Aes_dec(t)

Decrypts the data using the previously-created AES key.

Syntax

Aes_dec(t);

Arguments
Name Description

t

A table which specifies the message, key, and key size that was used to decrypt.
Example
when HTTP_REQUEST {
t={};
t["message"]  = "MICK-TEST";
t["key"]  = "aaaaaaaaaabbbbbb"
t["size"]= 128 -- 128, 192, or 256, the corresponding key length is 16, 24, and 32
enc = aes_enc(t)
--aes decryption
a={};
a["message"]  = enc;
a["key"]  = "aaaaaaaaaabbbbbb"
a["size"]= 128;
dec = aes_dec(a);
debug("key length %s decrypted is %s\n",”128” ,dec);
}

Note:

  • Message: a string which will be decrypted
  • Key: a string to decrypt str
  • Size: must be 128, 192, or 256, the corresponding key length is 16, 24, and 32

FortiADC version: V5.2

Used in events: ALL

EVP_Digest(alg, str)

EVP_Digest for one-shot digest calculation.

Syntax

EVP_Digest(alg, str);

Arguments
Name Description

alg

A string which specifies the algorithm.

str

A string which will be EVP_Digested.
Example
when HTTP_REQUEST {
alg = "MD5"; -- or "SHA1", "SHA256", "SHA384", "SHA512"
data = "your data"
re = EVP_Digest(alg, data);
debug("the digest in hex is %s\n", to_HEX(re));
}

Note:

Alg: type of hashing algorithms to use, must be MD5, SHA1, SHA256, SHA384, SHA512

FortiADC version: V5.2

Used in events: ALL

HMAC(alg, str, key)

HMAC message authentication code.

Syntax

HMAC(alg, str, key);

Arguments
Name Description

alg

A string which specifies the algorithm.

str

A string which will be calculated.

key

A string which is a secret key.
Example
when HTTP_REQUEST {
alg = "MD5"; -- or "SHA1", "SHA256", "SHA384", "SHA512"
data = "your data"
key  = "123456789ABCDEF0123456789ABCDEF\121"; -- or you can generate a key using key_gen
re = HMAC(alg, data, key);
debug("the HMAC in hex is %s\n", to_HEX(re));
}

Note:

Alg: type of hashing algorithms to use, must be MD5, SHA1, SHA256, SHA384, SHA512

FortiADC version: V5.2

Used in events: ALL

HMAC_verify(alg, data, key, verify)

Checks if the signature is the same as the current digest.

Syntax

HMAC_verify(alg, data, key verify);

Arguments
Name Description

alg

A string which specifies the algorithm.

key

A string which is a secret key.

data

A string which will be calculated.

verify

A signature to compare the current digest against.
Example
when HTTP_REQUEST {
alg = "MD5"; -- or "SHA1", "SHA256", "SHA384", "SHA512"
data = "your data"
verify = "your result to compare"
key  = "123456789ABCDEF0123456789ABCDEF\121"; -- or you can generate a key using key_gen
re = HMAC_verify(alg, data, key, verify);
if re then
debug("verified\n")
else
debug("not verified\n")
end
}

Note:

Alg: type of hashing algorithms to use, must be MD5, SHA1, SHA256, SHA384, SHA512

FortiADC version: V5.2

Used in events: ALL

G2F(alg, key)

Returns a G2F random value.

Syntax

G2F(alg, key);

Arguments
Name Description

alg

A string which specifies the algorithm.

key

A string which is a secret key.
Example
when HTTP_REQUEST {
alg = "MD5"; -- or "SHA1", "SHA256", "SHA384", "SHA512"
key  = "123456789ABCDEF0123456789ABCDEF\121"; -- or you can generate a key using key_gen
re = G2F(alg, key);
debug("the G2F value is %d\n", re);
}

Note:

Alg: type of hashing algorithms to use, must be MD5, SHA1, SHA256, SHA384, SHA512

FortiADC version: V5.2

Used in events: ALL

Class_match(str, method, list)

Matches the string against an element.

Syntax

Class_match(str, method, list);

Arguments
Name Description

str

A string which will be matched.

method

A string which specifies the match method

list

A list which specifies the match target.
Example
when HTTP_REQUEST {
url_list = “”
url = HTTP:uri_get()
status, count, t = class_match(url, "starts_with", url_list);    --or "ends_with", "equals", "contains"
debug("status %s, count %s\n", status, count);
for k,v in pairs(t) do
debug("index %s, value %s\n", k,v);
end
}

Note:

Method: must be “starts_with”, “equals”, “contains”, “end_with”

This command return three parameters, first “status”: true or false means if match or not; second “count”: return the number of times matches; third “t”: return matched index and matched value in the list.

FortiADC version: V5.2

Used in events: ALL

Class_search(list, method, str)

Searches an element in the list against a string.

Syntax

Class_search(list, method, str);

Arguments
Name Description

str

A string which will be calculated.

list

A string which will be matched.

method

A string which specifies the match method.
Example
when HTTP_REQUEST {
status, count, t = class_search(url_list, "starts_with", url);     --or "ends_with",  "equals", "contains"
for k,v in pairs(t) do
debug("index %s, value %s\n", k,v);
end
}

Note:

Method: , must be “starts_with”, “equals”, “contains”, “end_with”

FortiADC version: V5.2

Used in events: ALL

Cmp_addr()

Matches one IP address against a group of IP addresses. It can automatically detect IPv4 and IPv6 and can be used to compare IPv4 addresses with IPv6 addresses.

Syntax

Cmp_addr(client_Ip, addr_group );

Arguments
Name Description

Client_ip

For an IPv4 ip_addr/[mask], the mask can be a number between 0 and 32 or a dotted format like 255.255.255.0

For an IPv6 ip_addr/[mask], the mask can be a number between 0 and 128.

Addr_group

A group of IP address.

addr_group = "192.168.1.0/24" --first network address

addr_group = addr_group..",::ffff:172.30.1.0/120" --second

network address
Example

when RULE_INIT{

--initialize the address group here

--for IPv4 address, mask can be a number between 0 to 32 or a dotted format

--support both IPv4 and IPv6, for IPv6, the mask is a number between 0 and 128

addr_group = "192.168.1.0/24"

addr_group = addr_group..",172.30.1.0/255.255.0.0"

addr_group = addr_group..",::ffff:172.40.1.0/120"

}

when HTTP_REQUEST{

client_ip = HTTP:client_addr()

matched = cmp_addr(client_ip, addr_group)

if matched then

debug("client ip found in address group\n");

else

debug("client ip not in address group\n");

end

}

FortiADC version: V4.8

Used in events: ALL

url_enc(str)

Converts the URL information into valid ASCII format.

Syntax

url_enc(str);

Arguments
Name Description

str

A string which will be converted.
Example
when HTTP_REQUEST {
url_list =https://abc.www.123.bbEEE.com/?5331=212&qe1=222
debug("Ori= %s \nencodeed= %s\n", url_list,url_enc(url_list));
}

FortiADC version: V5.2

Used in events: ALL

url_dec(str)

Converts the encoding-URL into the original URL.

Syntax

url_dec(str);

Arguments
Name Description

str

A string which will be converted.
Example
when HTTP_REQUEST {
str = "http%3A%2F%2Fwww.example.com%3A890%2Furl%2Fpath%2Fdata%3Fname%3Dforest%23nose“
debug("String= %s\ndecoded= %s\n", str,url_dec(str));
}

FortiADC version: V5.2

Used in events: ALL

url_parser(str)

Parses a URL, returns a table containing host, port, path, query, fragment, the username, password, etc., from the URL.

Syntax

url_parser(str);

Arguments
Name Description

str

A url which will be parser.

Example
when HTTP_REQUEST {
url_list="http://foo:bar@w1.superman.com/very/long/path.html?p1=v1&p2=v2#more-details"
purl = url_parser(url_list);
debug("parsed url scheme %s host %s\n port %s path %s query %s\n fragment %s, the username %s\n passowrd %s\n", purl["scheme"], purl["host"], purl["port"],purl["path"], purl["query"], purl["fragment"], purl["username"], purl["password"]);
}

FortiADC version: V5.2

Used in events: ALL

url_compare(url1, url2)

Compares two URL strings, returns true if they are the same.

Syntax

url_compare(url1, url2);

Arguments
Name Description

url1, url2

Two urls which will be compared.

Example
when HTTP_REQUEST {
url_list={};
url_list[1]="http://10.10.10.10:80/"
url_list[2]="http://10.10.10.10/"
url_list[3]="https://5.5.5.5:443/"
url_list[4]="https://5.5.5.5/"
url_list[5]="http://[2001::1]:80"
url_list[6]="http://[2001::1]"
url_list[7]="https://[2001:99:1]:443"
url_list[8]="https://[2001:99:1]"
for i = 1,8,2 do
if url_compare(url_list[i],url_list[i+1]) then
debug("URL_List %d %d Match !\n",i,i+1);
else
debug("URL_List %d %d NOT Match !\n",i,i+1);
end
end
}

FortiADC version: V5.2

Used in events: ALL

Rand()

Generates a random number. Returns an integer number. After FortiADC reboots, the random number will be different.

Syntax

rand();

Arguments

N/A

Example
when HTTP_REQUEST {
a = rand()
debug(“a = %d\n”, a)
}

FortiADC version: V5.2

Used in events: ALL

srand(str)

Sets the random seed.

Syntax

srand(str);

Arguments
Name Description

str

A string which specifies the seed.

Example
when HTTP_REQUEST {
srand(1111)
a = rand()
debug(“a = %d\n”, a)
}

FortiADC version: V5.2

Used in events: ALL

Rand_hex(int)

Generates a random number in HEX. Returns a string, length is the <int>.

Syntax

Rand_hex(int);

Arguments
Name Description

Int

An integer which specifies the length of the returned string.

Example
when HTTP_REQUEST {
b = rand_hex(15)
debug("-----rand_hex b = %s-----\n", b)
}
Result:
-----rand_hex b = 43474FB47A8A8C4-----

FortiADC version: V5.2

Used in events: ALL

Rand_alphanum(int)

Generates a random alphabet + number sequence. Returns a string, length is the <int>.

Syntax

Random_alphanum(int);

Arguments
Name Description

Int

An integer which specifies the length of the returned string.

Example
when HTTP_REQUEST {
c = rand_alphanum(17)
debug("-----rand_alphanum c = %s-----\n", c)
}
Result:
-----rand_alphanum c = XTHQpb6ngabMqH7nx-----

FortiADC version: V5.2

Used in events: ALL

Rand_seq(int)

Generates a random number sequence. Returns a string, length is the <int>.

Syntax

Rand_seq(int);

Arguments
Name Description

Int

An integer which specifies the length of the returned string.

Example
when HTTP_REQUEST {
d = rand_seq(18)
debug("-----rand_seq d = %s-----\n", d)
}
Result:

-----rand_seq = 329514876985314568-----

FortiADC version: V5.2

Used in events: ALL

Time()

Returns the current time as a number in seconds. This is the time since the Epoch was measured.

Syntax

time();

Arguments

N/A

Example
when HTTP_REQUEST {
t = time()
debug(“-----time: t %s-----\n”, t)
}
Result:
-----time: t 1561424783-----

FortiADC version: V4.8

Used in events: ALL

Ctime()

Returns the current time as a string, for example, “Tue Jun 25 14:11:01 2019”.

Syntax

ctime();

Arguments

N/A

Example
when HTTP_REQUEST {
ct = ctime()
debug(“-----ctime: ct %s-----\n”, ct)
}
Result:
-----ctime: ct Mon Jun 24 18:06:23 2019-----

FortiADC version: V4.8

Used in events: ALL

gmtime()

Returns the GMT time as a string, for example, “Thu 27 Jun 2019 18:27:42 GMT”.

Syntax

gmtime();

Arguments

N/A

Example
when HTTP_REQUEST {
gt = gmtime()
debug(“-----gmtime: gt %s-----\n”, gt)
}
Result:
-----gmtime: gt Thu 27 Jun 2019 18:27:42 GMT -----

FortiADC version: V5.3

Used in events: ALL

Md5(str)

Returns the MD5 calculated for the specified string.

Syntax

Md5(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
str1 = “abc”
md5 = md5(str1)
str = “test string”
a=12
md = md5(“%s,123%d”,str,a)
}

FortiADC version: V4.8

Used in events: ALL

Md5_hex(str)

Returns the MD5 value in hex as a string.

Syntax

Md5_hex(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
str1 = “abc”
str2 = md5_hex(str1)
}

FortiADC version: V4.8

Used in events: ALL

Md5_str(str)

Calculates the MD5 of a string input and stores the results in an intermediate variable, in some cases you need a version to deal with it.

Syntax

Md5_str(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
md5 = md5_str(input);     --input can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

Md5_hex_str(str)

Calculates the MD5 of a string input of a string input and outputs the results in HEX format, in some cases you need a version to deal with it.

Syntax

Md5_hex_str(str);

Arguments
Name Description

str

A string which will be calculated.
Example
when HTTP_REQUEST {
md = md5_hex_str(input);   --input  can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

Sha1(str)

Returns the SHA-1 calculated for the specified string.

Syntax

Sha1(str);

Arguments
Name Description

str

A string which will be calculated.
Example
when HTTP_REQUEST {
result = sha1(input)
}

FortiADC version: V4.8

Used in events: ALL

Sha1_hex(str)

Returns the SHA-1 calculated for the string in hex.

Syntax

Sha1_hex(str);

Arguments
Name Description

str

A string which will be calculated.
Example
when HTTP_REQUEST {
str1 = “123456789”
sha1 = sha1_hex(str1)
}

FortiADC version: V4.8

Used in events: ALL

Sha1_str(str)

Calculates the SHA-1 of a string input and stores the results in an intermediate variable, in some cases you need a version to deal with it.

Syntax

Sha1_str(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
result = sha1_str(input);   --input can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

Sha1_hex_str(str)

Calculates the SHA-1 of a string input and output the results in HEX format, in some cases you need a version to deal with it.

Syntax

Sha1_hex_str(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
result = sha1_hex_str(input);  -- input can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

Sha256(str)

Calculates the SHA-256 of a string input and stores the result in an intermediate variable.

Syntax

Sha256(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
str1 = “abc”
str2 = sha256(str1)
}

FortiADC version: V4.8

Used in events: ALL

Sha256_hex(str)

Calculates the SHA-256 of a string input and outputs the result in an intermediate variable. In some cases you need a version to deal with it.

Syntax

Sha256_hex(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
str1 = “abc”
sha256 = sha256_hex(str)
}

FortiADC version: V4.8

Used in events: ALL

Sha256_str(str)

Calculates the SHA-256 of a string input and stores the result in an intermediate variable. In some cases you need a version to deal with it.

Syntax

Sha256_str(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
result = sha256_str(input);   --input can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

Sha256_hex_str(str)

Calculates the SHA-256 of a string input and stores the result in an intermediate variable. In some case you need a version to deal with it.

Syntax

Sha256_hex_str(str);

Arguments
Name Description

str

The string which will be calculated.
Example
when HTTP_REQUEST {
result = sha256_hex_str(input); --input can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

Sha384(str)

Calculates the SHA-384 of a string input and stores the result in an intermediate variable.

Syntax

Sha384(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
str1 = “abc”
str2 = sha384(str1)
}

FortiADC version: V4.8

Used in events: ALL

Sha384_hex(str)

Calculates the SHA-384 of a string input and outputs the result in an intermediate variable. In some cases you need a version to deal with it.

Syntax

Sha384_hex(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
str1 = “abc”
sha384 = sha384_hex(str)
}

FortiADC version: V4.8

Used in events: ALL

Sha384_str(str)

Calculates the SHA-384 of a string input and stores the result in an intermediate variable. In some cases you need a version to deal with it.

Syntax

Sha384_str(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
result = sha384_str(input);   --input can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

Sha384_hex_str(str)

Calculates the SHA-384 of a string input and stores the result in an intermediate variable. In some case you need a version to deal with it.

Syntax

Sha384_hex_str(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
result = sha384_hex_str(input); --input can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

Sha512(str)

Calculates the SHA-512 of a string input and stores the result in an intermediate variable.

Syntax

Sha512(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
str1 = “abc”
str2 = sha512(str1)
}

FortiADC version: V4.8

Used in events: ALL

Sha512_hex(str)

Calculates the SHA-512 of a string input and outputs the result in an intermediate variable. In some cases you need a version to deal with it.

Syntax

Sha512_hex(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
str1 = “abc”
sha512 = sha512_hex(str)
}

FortiADC version: V4.8

Used in events: ALL

Sha512_str(str)

Calculates the SHA-512 of a string input and stores the result in an intermediate variable. In some cases you need a version to deal with it.

Syntax

Sha512_str(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
result = sha512_str(input);   --input can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

Sha512_hex_str(str)

Calculates the SHA-512 of a string input and stores the result in an intermediate variable. In some case you need a version to deal with it.

Syntax

Sha512_hex_str(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
result = sha512_hex_str(input); --input can be a cert in DER format
}

FortiADC version: V4.8

Used in events: ALL

B32_enc(str)

Encodes a string input in Base32 and outputs the result in string format.

Syntax

B32_enc(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
str = “abc”
en = b32_enc(str)
}

FortiADC version: V5.2

Used in events: ALL

B32_enc_str(str)

Encodes a string input in Base32 and outputs the result in string format. In some cases you need a version to deal with it.

Syntax

B32_enc_str(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
result = b32_enc_str(input);    --input can be a cert in DER format
}

FortiADC version: V5.2

Used in events: ALL

B32_dec(str)

Decodes a Base32 encoded string input and outputs the result in string format.

Syntax

B32_dec(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
str = “abc”
dec = b32_dec(str)
}

FortiADC version: V5.2

Used in events: ALL

B32_dec_str(str)

Decodes a Base32 encoded string input and outputs the result in string format. In some cases you need a version to deal with it.

Syntax

B32_dec_str(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
result = b32_dec_str(input);    --input can be a cert in DER format
}

FortiADC version: V5.2

Used in events: ALL

B64_enc(str)

Encodes a string input in Base64 and outputs the result in string format.

Syntax

B64_enc(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
result = b64_enc(input);
--Input can be general format:
str=”test string”
a=12
en=b64_enc(“%s, 123 %d”, str, a);
}

FortiADC version: V4.8

Used in events: ALL

B64_dec(str)

Decodes a Base64 encoded string input and outputs the result in string format.

Syntax

B64_dec(str);

Arguments
Name Description

str

The string which will be calculated.

Example
when HTTP_REQUEST {
result = b64_dec(input);
str=”test string”
a=12
de=b64_dec(“%s, 123 %d”, str, a);
}

FortiADC version: V4.8

Used in events: ALL

Get_pid()

Returns the PID value of the VS process.

Syntax

Get_pid();

Arguments

N/A

Example
when HTTP_REQUEST {
pid = get_pid();
debug(“VS PID is : %d\n”, pid)
}

FortiADC version: V5.2

Used in events: ALL

Table_to_string(t)

Returns the table in a string.

Syntax

Table_to_string(t);

Arguments
Name Description

t

The table which specifies the information.
Example
when HTTP_REQUEST {
t={};
t[1]=97;
t[2]=98;
t[3]=99;
t[4]=1;
str = table_to_string(t);
debug(“str is %s\n”, str)
}
Result:
str is abc

FortiADC version: V4.8

Used in events: ALL

Htonl(int)

Converts a 32 bit long integer from host byte order to network byte order.

Syntax

htonl(int);

Arguments
Name Description

int

An integer which will be calculated.
Example
when HTTP_REQUEST {
str="0x12345678"
test=htonl(str)
debug("return : %x \n", test)
}
Result:
return: 78563412

FortiADC version: V4.8

Used in events: ALL

Ntohs(int)

Converts a 16 bit short integer from network byte order to host byte order.

Syntax

ntohs(int);

Arguments
Name Description

int

An integer which will be calculated.
Example
when HTTP_REQUEST {
str="0x12345678"
test=ntohs(str)
debug("return : %x \n", test)
}
Result:
Return: 7856

FortiADC version: V4.8

Used in events: ALL

Htons(int)

Converts a 16 bit short integer from host byte order to network byte order.

Syntax

htons(int);

Arguments
Name Description

int

An integer which will be calculated.
Example
when HTTP_REQUEST {
str="0x12345678"
test=htons(str)
debug("return : %x \n", test)
}
Result
Return: 7856

FortiADC version: V4.8

Used in events: ALL

Ntohl(int)

When receiving long integers in HTTP response from the network, this command converts a 32 bit long integer from network byte order to host byte order.

Syntax

ntohl(int);

Arguments
Name Description

int

An integer which will be calculated.
Example
when HTTP_REQUEST {
str="0x12345678"
test=ntohl(str)
debug("return : %x \n", test)
log("record a log: %x \n", test)
}
Result:
return: 78563412

FortiADC version: V4.8

Used in events: ALL

To_HEX(str)

Returns the HEX calculate of the string.

Syntax

To_HEX(str);

Arguments
Name Description

str

A string which will be calculated.
Example
when HTTP_REQUEST {
str = “\0\123\3”
hex = to_HEX(str)
debug(“this str in hex is: %s\n”, hex)
}

FortiADC version: V4.8

Used in events: ALL

Debug(str)

Prints the debug information when VS using scripting.

Syntax

debug(str);

Arguments
Name Description

str

A string which will be printed.
Example
when HTTP_REQUEST {
debug(“http request method is %s.\n”, HTTP:method_get())
}

FortiADC version: V4.3

Used in events: ALL

Log(str)

Prints the scripting running information in log format. When using this command, you should enable scripting log.

Syntax

log(str);

Arguments
Name Description

str

A string which will be logged.
Example
when HTTP_REQUEST {
log(“http request method is %s.\n”, HTTP:method_get())
}

FortiADC version: V4.8

Used in events: ALL

File_open(path, str)

Opens a file, returns a file object.

Syntax

File_open(path, str);

Arguments
Name Description

str

A string which specifies the method to open the file.

path

A string which specifies the file path.
Example
when HTTP_REQUEST {
filepath = "/etc/resolv.conf";
fp = file_open(filepath,"r");
if not fp then
debug("file open failed\n");
end
repeat
line = file_gets(fp, 256);
if line then
debug("line %s", line);
end
until not line
file_close(fp);
}

FortiADC version: V5.2

Used in events: ALL

File_get(file, size)

Returns the file content.

Syntax

File_get(file, size);

Arguments
Name Description

file

A file object that get from file_open()

FortiADC version: V5.2

Used in events: ALL

File_close(file)

Closes a file.

Syntax

File_close(file);

Arguments
Name Description

file

A file object which will be closed.

FortiADC version: V5.2

Used in events: ALL

Previous
Next