Events and actions
Scripts are associated with a particular virtual server, and they are event-driven. A script is triggered when the associated virtual server receives an HTTP request or response. Then, it does the programmed action.
You can set different script priorities when you run multiple scripts at once. See Prioritize scripts for more information. |
Script events and actions provides the syntax, usage, and examples of the predefined commands that are useful for writing scripts.
Event/Action | Description |
---|---|
Event | |
HTTP_REQUEST | The virtual server receives a complete HTTP request header. |
HTTP_RESPONSE | The virtual server receives a complete HTTP response header. |
RULE_INIT | The event is used to initialize global or static variables used within a script. It is triggered when a script is added or modified, or when the device starts up, or when the software is restarted. |
VS_LISTENER_BIND | The virtual server tries to bind. |
SERVER_BEFORE_CONNECT | The virtual server is going to connect to the backend real server. |
SERVER_CONNECTED | The HTTP proxy deems that the backend real server is connected. |
AUTH_RESULT | The authentication (HTML Form / HTTP-basic) is done. |
HTTP_RESPONSE_CONTINUE | Triggered immediately when the system receives a 100 continue response from the server. |
HTTP_DATA_FETCH_SET_DEMO | FortiADC reads the body of every HTTP request, and can manipulate the data depending on settings. |
HTTP_DATA_REQUEST | Triggered whenever an HTTP:collect command finishes processing, after collecting the requested amount of data. |
HTTP_REQUEST_SEND | Triggered immediately before a request is sent to a server. |
HTTP_RESPONSE_CONTINUE | Triggered immediately when the system receives a 100 Continue response from the server. |
HTTP_DATA_RESPONSE |
Triggered when an HTTP:collect command finishes processing on the server side of a connection. |
CLIENTSSL_HANDSHAKE | The virtual server receives a complete HTTPS handshake on the client side. |
SERVERSSL_HANDSHAKE | FortiADC receives a complete HTTPS handshake on the server side. |
CLIENTSSL_RENEGOTIATE | The virtual server receives a re-connection request from a peer. |
SERVERSSL_RENEGOTIATE | FortiADC sends a re-connection request to a peer. |
TCP_ACCEPTED | The virtual server receives a complete TCP connection. |
TCP_CLOSED | The virtual server close a TCP connection. |
PERSISTENCE |
Event hook inside process_sticking_rules() in httproxy. |
POST-PERSIST |
Event hook after LB is done and assigns real server according to ADC method. |
WAF_REQUEST_BEFORE_SCAN |
Event hook before the WAF_SCAN_STAGE_REQ_HEADER starts. If WAF function is not enabled on VS, then this will not be triggered. |
WAF_RESPONSE_BEFORE_SCAN |
Event hook before the WAF_SCAN_STAGE_RES_HEADER starts. If WAF function is not enabled on VS, then this will not be triggered. |
WAF_REQUEST_ATTACK_DETECTED |
Event hook after all request stages when there are attacks detected (violation). If WAF function is not enabled on VS, then this will not be triggered. If WAF module does not detect any violations, then this will not be triggered. |
WAF_RESPONSE_ATTACK_DETECTED |
Event hook after all response stages when there are attacks detected (violation). If WAF function is not enabled on VS, then this will not be triggered. If WAF module does not detect any violations, then this will not be triggered. |
Action | |
in Lua mode | An action defined by a Lua script that uses predefined commands and variables to manipulate the HTTP request/response or select a content route. |