Pulse Secure Virtual Traffic Manager: Trafficscript Guide, V19.3

Total Page:16

File Type:pdf, Size:1020Kb

Pulse Secure Virtual Traffic Manager: Trafficscript Guide, V19.3 Pulse Secure Virtual Traffic Manager: TrafficScript Guide Supporting Pulse Secure Virtual Traffic Manager 19.3 Product Release 19.3 Published 15 October, 2019 Document Version 1.0 Pulse Secure Virtual Traffic Manager: TrafficScript Guide Pulse Secure, LLC 2700 Zanker Road, Suite 200 San Jose CA 95134 www.pulsesecure.net © 2019 by Pulse Secure, LLC. All rights reserved. Pulse Secure and the Pulse Secure logo are trademarks of Pulse Secure, LLC in the United States. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners. Pulse Secure, LLC assumes no responsibility for any inaccuracies in this document. Pulse Secure, LLC reserves the right to change, modify, transfer, or otherwise revise this publication without notice. Pulse Secure Virtual Traffic Manager: TrafficScript Guide The information in this document is current as of the date on the title page. END USER LICENSE AGREEMENT The Pulse Secure product that is the subject of this technical documentation consists of (or is intended for use with) Pulse Secure software. Use of such software is subject to the terms and conditions of the End User License Agreement (“EULA”) posted at http://www.pulsesecure.net/support/eula/. By downloading, installing or using such software, you agree to the terms and conditions of that EULA. © 2019 Pulse Secure, LLC. Pulse Secure Virtual Traffic Manager: TrafficScript Guide Contents PREFACE . 1 DOCUMENT CONVENTIONS . 1 TEXT FORMATTING CONVENTIONS . 1 COMMAND SYNTAX CONVENTIONS . 1 NOTES AND WARNINGS. 2 REQUESTING TECHNICAL SUPPORT . 2 SELF-HELP ONLINE TOOLS AND RESOURCES. 2 OPENING A CASE WITH PSGSC . 3 INTRODUCTION. 5 ABOUT THIS GUIDE . 5 THE TRAFFICSCRIPT LANGUAGE . 5 TRAFFICSCRIPT EXAMPLES. 6 APPLICATION OF RULES . 7 USING A TRAFFICSCRIPT RULE . 8 TRAFFICSCRIPT SYNTAX . 13 STATEMENTS . 13 CONSTANTS. 13 VARIABLES . 14 EXPRESSIONS. 15 OPERATORS . 15 TYPE CASTS IN TRAFFICSCRIPT. 18 CONDITIONALS . 18 THE “IF” STATEMENT . 19 THE "SWITCH" STATEMENT . 19 LOOPS . 21 “FOR” LOOPS . 21 ‘WHILE’ LOOPS . 21 “DO” LOOPS . 21 “FOREACH” LOOPS . 22 OTHER FLOW CONTROL. 22 COMPLEX DATA TYPES . 22 ARRAYS . 22 HASHES. 23 THE GLOBAL ASSOCIATIVE ARRAY. 24 THE PROCESS-LOCAL ASSOCIATIVE ARRAY . 25 © 2019 Pulse Secure, LLC. i Pulse Secure Virtual Traffic Manager: TrafficScript Guide THE CONNECTION-LOCAL ARRAY . 25 LIBRARIES . 25 FUNCTIONS . 27 ESCAPING REGULAR EXPRESSIONS. 27 CREATING NEW SUBROUTINES IN TRAFFICSCRIPT . 28 SYNTAX . 28 REQUEST AND RESPONSE RULES . 29 PROCESSING MULTIPLE REQUESTS AND RESPONSES . 30 SPECIALIZED PROTOCOL HANDLING FUNCTIONS . 30 PROCESSING OTHER PROTOCOLS. 31 THE STATE MACHINE IN DETAIL . 31 CONTROLLING THE STATE MACHINE . 31 SAMPLE TRAFFICSCRIPT RULES. 33 ROUTING BY CONTENT TYPE . 33 RESTRICTING ACCESS BASED ON THE TIME OF DAY. 33 CUSTOMER PRIORITIZATION. 34 ROUTING BASED ON XML TRAFFIC . 35 EXAMPLE: GOOGLE SEARCH REQUEST. 35 AUTHENTICATING USER ACCESS. ..
Recommended publications
  • Elastic Load Balancing Application Load Balancers Elastic Load Balancing Application Load Balancers
    Elastic Load Balancing Application Load Balancers Elastic Load Balancing Application Load Balancers Elastic Load Balancing: Application Load Balancers Copyright © Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks and trade dress may not be used in connection with any product or service that is not Amazon's, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits Amazon. All other trademarks not owned by Amazon are the property of their respective owners, who may or may not be affiliated with, connected to, or sponsored by Amazon. Elastic Load Balancing Application Load Balancers Table of Contents What is an Application Load Balancer? .................................................................................................. 1 Application Load Balancer components ......................................................................................... 1 Application Load Balancer overview ............................................................................................. 2 Benefits of migrating from a Classic Load Balancer ........................................................................ 2 Related services ......................................................................................................................... 3 Pricing ...................................................................................................................................... 3 Getting started .................................................................................................................................
    [Show full text]
  • Elastic Load Balancing Application Load Balancers Elastic Load Balancing Application Load Balancers
    Elastic Load Balancing Application Load Balancers Elastic Load Balancing Application Load Balancers Elastic Load Balancing: Application Load Balancers Elastic Load Balancing Application Load Balancers Table of Contents What is an Application Load Balancer? .................................................................................................. 1 Application Load Balancer components ......................................................................................... 1 Application Load Balancer overview ............................................................................................. 2 Benefits of migrating from a Classic Load Balancer ........................................................................ 2 Related services ......................................................................................................................... 3 Pricing ...................................................................................................................................... 3 Getting started .................................................................................................................................. 4 Before you begin ....................................................................................................................... 4 Step 1: Configure your target group ............................................................................................. 4 Step 2: Choose a load balancer type ...........................................................................................
    [Show full text]
  • Requests Documentation Release 2.26.0
    Requests Documentation Release 2.26.0 Kenneth Reitz Sep 21, 2021 Contents 1 Beloved Features 3 2 The User Guide 5 2.1 Installation of Requests.........................................5 2.2 Quickstart................................................6 2.3 Advanced Usage............................................. 15 2.4 Authentication.............................................. 30 3 The Community Guide 33 3.1 Recommended Packages and Extensions................................ 33 3.2 Frequently Asked Questions....................................... 34 3.3 Integrations................................................ 35 3.4 Articles & Talks............................................. 35 3.5 Support.................................................. 36 3.6 Vulnerability Disclosure......................................... 36 3.7 Release Process and Rules........................................ 38 3.8 Community Updates........................................... 38 3.9 Release History.............................................. 39 4 The API Documentation / Guide 71 4.1 Developer Interface........................................... 71 5 The Contributor Guide 93 5.1 Contributor’s Guide........................................... 93 5.2 Authors.................................................. 96 Python Module Index 103 Index 105 i ii Requests Documentation, Release 2.26.0 Release v2.26.0. (Installation) Requests is an elegant and simple HTTP library for Python, built for human beings. Behold, the power of Requests: >>>r= requests.get ('https://api.github.com/user',
    [Show full text]
  • Web Tracking: Mechanisms, Implications, and Defenses Tomasz Bujlow, Member, IEEE, Valentín Carela-Español, Josep Solé-Pareta, and Pere Barlet-Ros
    ARXIV.ORG DIGITAL LIBRARY 1 Web Tracking: Mechanisms, Implications, and Defenses Tomasz Bujlow, Member, IEEE, Valentín Carela-Español, Josep Solé-Pareta, and Pere Barlet-Ros Abstract—This articles surveys the existing literature on the of ads [1], [2], price discrimination [3], [4], assessing our methods currently used by web services to track the user online as health and mental condition [5], [6], or assessing financial well as their purposes, implications, and possible user’s defenses. credibility [7]–[9]. Apart from that, the data can be accessed A significant majority of reviewed articles and web resources are from years 2012 – 2014. Privacy seems to be the Achilles’ by government agencies and identity thieves. Some affiliate heel of today’s web. Web services make continuous efforts to programs (e.g., pay-per-sale [10]) require tracking to follow obtain as much information as they can about the things we the user from the website where the advertisement is placed search, the sites we visit, the people with who we contact, to the website where the actual purchase is made [11]. and the products we buy. Tracking is usually performed for Personal information in the web can be voluntarily given commercial purposes. We present 5 main groups of methods used for user tracking, which are based on sessions, client by the user (e.g., by filling web forms) or it can be collected storage, client cache, fingerprinting, or yet other approaches. indirectly without their knowledge through the analysis of the A special focus is placed on mechanisms that use web caches, IP headers, HTTP requests, queries in search engines, or even operational caches, and fingerprinting, as they are usually very by using JavaScript and Flash programs embedded in web rich in terms of using various creative methodologies.
    [Show full text]
  • (12) United States Patent (10) Patent No.: US 9.426,152 B2 Pieczul Et Al
    USOO9426152B2 (12) United States Patent (10) Patent No.: US 9.426,152 B2 Pieczul et al. (45) Date of Patent: Aug. 23, 2016 (54) SECURE TRANSFER OF WEB APPLICATION (56) References Cited CLIENT PERSISTENT STATE INFORMATION INTO A NEW DOMAIN U.S. PATENT DOCUMENTS 7,194.552 B1* 3/2007 Schneider ........... HO4L 61,3015 (71) Applicant: International Business Machines 709/217 Corporation, Armonk, NY (US) 7,664,724 B2 * 2/2010 Lucovsky ............. GO6F 21,335 707/781 8,504,692 B1 8, 2013 Henderson (72) Inventors: Olgierd S. Pieczul, Dublin (IE): 2004.0054898 A1 3/2004 Chao et al. Mariusz Pajecki, Dublin (IE); Izabela 2005/0204148 A1* 9/2005 Mayo .................. HO4L 63,0815 Pogorzelska-Pieczul, Dublin (IE): T13,185 Mustansir Banatwala, Hudson, NH 2006.0056317 A1 3/2006 Manning et al. (US) (Continued) (73) Assignee: International Business Machines OTHER PUBLICATIONS Corporation, Armonk, NY (US) Nirmal, K.; Ewards, S.E. Vinodh; Geetha, K. Maximizing Online Security by providiniga 3 Factor Authenticationi System to counter (*) Notice: Subject to any disclaimer, the term of this attack Phishing. 2010 International Conference on Emerging patent is extended or adjusted under 35 Trends in Robotics and Communication Technologies. http:// U.S.C. 154(b) by 0 days. ieeexplore.ieee.org/stampfstamp.jsp?tp=&arnumber=5706.185.* (Continued) (21) Appl. No.: 14/326,255 Primary Examiner — Jeremiah Avery (22) Filed: Jul. 8, 2014 (74) Attorney, Agent, or Firm — David B. Woycechowsky; David H. Judson (65) Prior Publication Data US 2016/OO14153 A1 Jan. 14, 2016 (57) ABSTRACT A technique to reassign one or more stored elements of web (51) Int.
    [Show full text]
  • Consumer Market Study on Online Market Segmentation Through
    Consumer market study on online market segmentation through personalised pricing/offers in the European Union Request for Specific Services 2016 85 02 for the implementation of Framework Contract EAHC/2013/CP/04 Final report Ipsos – London Economics – Deloitte consortium June 2018 Justice and Consumers Consumer market study on online market segmentation through personalised pricing/offers in the European Union EUROPEAN COMMISSION Produced by Consumers, Health, Agriculture and Food Executive Agency (Chafea) on behalf of Directorate-General for Justice and Consumers Unit 03 – Economic Analysis & Evaluation Contact: Konstantinos Zisis E-mail: [email protected] European Commission B-1000 Brussels 2 EUROPEAN COMMISSION Consumer market study on online market segmentation through personalised pricing/offers in the European Union Request for Specific Services 2016 85 02 for the implementation of Framework Contract EAHC/2013/CP/04 Final report 2018 3 Consumer market study on online market segmentation through personalised pricing/offers in the European Union Europe Direct is a service to help you find answers to your questions about the European Union. Freephone number (*): 00 800 6 7 8 9 10 11 (*) The information given is free, as are most calls (though some operators, phone boxes or hotels may charge you). Find out which disclaimer you need : http://ec.europa.eu/dgs/communication/services/visual_identity/pdf/guidelines-studies-publications-by- external-organisations_en.pdf This report was produced under the EU Consumer Programme (2014-2020) in the frame of a service contract with the Consumers, Health, Agriculture and Food Executive Agency (Chafea) acting under the mandate from the European Commission. The content of this report represents the views of the contractor and is its sole responsibility; it can in no way be taken to reflect the views of the European Commission and/or Chafea or other body of the European Union.
    [Show full text]
  • A Taxonomy of Javascript Redirection Spam
    A Taxonomy of JavaScript Redirection Spam Kumar Chellapilla Alexey Maykov Microsoft Live Labs Microsoft Live Labs One Microsoft Way One Microsoft Way Redmond, WA 98052 Redmond, WA 98052 +1 425 707 7575 +1 425 705 5193 [email protected] [email protected] ABSTRACT facilitate redirection and hiding are presented in Section 3. We Redirection spam presents a web page with false content to a present a data set of URLs and estimate the prevalence of crawler for indexing, but automatically redirects the browser to a JavaScript redirection spam in Section 4 and Section 5, different web page. Redirection is usually immediate (on page respectively. Section 6 presents a taxonomy along with load) but may also be triggered by a timer or a harmless user representative examples. event such as a mouse move. JavaScript redirection is the most In this paper, we limit our analysis of script redirection spam to notorious of redirection techniques and is hard to detect as many client side scripts that run in the browser. Further, we use the term of the prevalent crawlers are script-agnostic. In this paper, we JavaScript [2] interchangeably with JScript [3], which are the study common JavaScript redirection spam techniques on the Mozilla Foundation’s and Microsoft’s implementation of the web. Our findings indicate that obfuscation techniques are very ECMAScript standard [4]. prevalent among JavaScript redirection spam pages. These 1 Modern browsers can be redirected in one of three ways, namely, obfuscation techniques limit the effectiveness of static analysis using HTTP protocol status codes, using a meta refresh tag in the and static feature based systems.
    [Show full text]
  • Openresty / Lua-Nginx-Module Watch 455 4,019 931
    openresty/lua-nginx-module: Embed the Power of Lua into NGINX HTTP servers https://github.com/openresty/lua-nginx-module Pull requests Issues Gist openresty / lua-nginx-module Watch 455 4,019 931 Code Issues 66 Pull requests 46 Projects 0 Wiki Pulse Graphs Embed the Power of Lua into NGINX HTTP servers https://openresty.org/ 3,168 commits 11 branches 303 releases 51 contributors New pull request Upload files Find file detailyang committed with agentzh tests: fixed a bug in testing the nullness of cdata pointers. … Latest commit e958cb2 3 days ago .github added the PULL_REQUEST_TEMPLATE file. 7 months ago doc doc: updated copyright notice. 2 months ago dtrace fixed dtrace static probes for systems other than Linux. 9 months ago misc/ recv-until-pm cosocket: did a minor optimization for receiveuntil patterns no longe… 5 years ago src feature: fixed build compatibility with BoringSSL. 5 days ago t tests: fixed a bug in testing the nullness of cdata pointers. 3 days ago tapset feature: initial support for dtrace static probes. it requires nginx-… 5 years ago util bugfix: C API: ngx_http_lua_add_package_preload() might not take effe… 3 months ago .gitattributes Revert "tweaked .gitattributes a bit more." a year ago .gitignore feature: implemented ssl_session_fetch_by_lua* and ssl_session_store_… 6 months ago 1 of 256 2/5/2017 1:36 PM openresty/lua-nginx-module: Embed the Power of Lua into NGINX HTTP servers https://github.com/openresty/lua-nginx-module .travis.yml travis-ci: upgraded openssl to 1.0.2k. 9 days ago README.markdown doc: updated copyright notice. 2 months ago config feature: added new config directive "lua_malloc_trim N" to periodical… 4 months ago valgrind.suppress valgrind.suppress: suppressed a false positive in the latest version … 2 years ago README.markdown Name ngx_http_lua_module - Embed the power of Lua into Nginx HTTP Servers.
    [Show full text]
  • Fortiweb Administration Guide V4.0.1 Revision 5
    FortiWeb™ Web Application Security Version 4.0 MR1 Patch 1 Administration Guide FortiWeb™ Web Application Security Administration Guide Version 4.0 MR1 Patch 1 Revision 5 13 December 2010 © Copyright 2010 Fortinet, Inc. All rights reserved. No part of this publication including text, examples, diagrams or illustrations may be reproduced, transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical or otherwise, for any purpose, without prior written permission of Fortinet, Inc. Trademarks Dynamic Threat Prevention System (DTPS), APSecure, FortiASIC, FortiBIOS, FortiBridge, FortiClient, FortiGate®, FortiGate Unified Threat Management System, FortiGuard®, FortiGuard-Antispam, FortiGuard-Antivirus, FortiGuard-Intrusion, FortiGuard-Web, FortiLog, FortiAnalyzer, FortiManager, Fortinet®, FortiOS, FortiPartner, FortiProtect, FortiReporter, FortiResponse, FortiShield, FortiVoIP, and FortiWiFi are trademarks of Fortinet, Inc. in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. Regulatory compliance FCC Class A Part 15 CSA/CUS Caution: Risk of explosion if the battery on the main board is replaced by an incorrect type. Dispose of used batteries according to instructions. Caution: The Fortinet equipment is intended for installation in a Restricted Access Location. Contents Contents Introduction .............................................................................................. 9 Scope ............................................................................................................................
    [Show full text]
  • Ipass® Generic Interface Specification
    iPass® Generic Interface Specification BETWEEN SMART CLIENT S AND ACCESS GATEWAY , VERSION 1.6 Corporate Headquarters iPass Inc. 3800 Bridge Parkway Redwood Shores, CA 94065 USA www.ipass.com +1 650-232-4100 +1 650-232-0227 fx TABLE OF CONTENTS Scope 4 Client Integration 5 Login Request: Successful Case .......................................................................................................... 5 Login Request: Successful Case With Proxy Reply ........................................................................... 6 Login Request: Successful Case With Polling .................................................................................... 7 Login Request: Reject ............................................................................................................................ 7 Login Request: Reject With Polling ...................................................................................................... 8 Protocol Specifics .................................................................................................................................. 8 Smart Client HTTP GET to ORIGIN SERVER ................................................................................. 9 Redirect .......................................................................................................................................... 10 Proxy ............................................................................................................................................... 12 Authentication ................................................................................................................................
    [Show full text]
  • Protocol Considerations for Web Linkbase Access
    Protocol Considerations for Web Linkbase Access Erik Wilde Computer Engineering and Networks Laboratory Swiss Federal Institute of Technology, Z¨urich TIK Report 143 July 2002 Abstract We propose the Open Web, which aims at transforming the Web into an Open Hy- permedia System. Based on the Extensible Linking Language (XLink), we investigate the possibilities for implementing linkbase access methods. Linkbases are collections of so-called third-party links, which are links which live outside the resources that they are linking, and thus must be found and retrieved somehow when presenting the resources that they are linking. We focus on the protocol issues of accessing linkbases, concentrating on how such a new protocol could and should be designed. In addition to our design goal of specifying a protocol for accessing the linkbase Web service, be believe that our protocol considerations can serve as a blueprint for other areas where Web access to services is required. 1 Introduction The Hypertext Transfer Protocol (HTTP) [8] is the most widely used protocol on the Internet. It is mainly used as a client/server-protocol between a client (in most cases, a Web browser) requesting a Web resource, and a server responding to that request. While currently most browser interactions with servers are simple Web resource retrievals for immediate display (in most cases HTML pages or images), future developments will lead to an increasing exchange of non-display data, in particular metadata as the core matter of the Semantic Web [2]. In this paper, we investigate access to a special kind of metadata, which is link informa- tion.
    [Show full text]
  • Understanding Internet Censorship Policy: the Case of Greece
    Understanding Internet Censorship Policy: The Case of Greece Vasilis Ververis George Kargiotakis Arturo Filasto` Humboldt University Berlin The Tor Project Benjamin Fabian Afentoulis Alexandros Humboldt University Berlin Abstract the offending blog post via automatic RSS syndication. In February 2010 ISP Tellas/Wind Hellas blocked the The Greek government has recently initiated large scale Piratebay site [1]. In May 2012 the Greek Organiza- content blocking that leads to Internet censorship. In tion for Intellectual Property Collective Administration this article we analyze the techniques and policies used (AEPI) went to court against every Greek ISP demand- to block content of gambling websites in Greece and ing to censor Ellinadiko.com, a music sharing forum and present the implications of the detected underblock- Music-Bazaar.com, an MP3 webstore, both under the ac- ing and overblocking. We have collected results prob- cusation of infringing copyright laws [2]. The court or- ing eight major broadband and cellular Internet Service dered the ISPs to block the IP addresses of the referred Providers (ISPs) that are a representative sample of In- websites [23]. ternet usage in Greece, and investigate the methods and Later in September 2012 a citizen was arrested on infrastructure used to conduct the contentfiltering. The charges of malicious blasphemy and religious insult af- results of this study highlight issues related to how trans- ter posting a Facebook page that ridiculed a well-known parently Internetfiltering is implemented in democratic Greek Orthodox monk [12]. Following in January 2013, countries and could indicate the presence of unfair com- a politicianfiled a defamation lawsuit against a Greek petition between ISPs.
    [Show full text]