Instruction manual
Appendix A: Policy Expressions
A-8 NetScaler 9000 Series Installation and Configuration Guide - Volume 1
NSICG60_JAN05
add policy expression rfc1918_192_168 "SOURCEIP ==
192.168.0.0 -netmask 255.255.0.0"
A.1.2.2 Using Compound Expressions
Compound expressions check for multiple conditions. Expression logic is
formed with one or more expression names logically connected using the
logical operators && and ||, and are grouped for order of evaluation using the
symbols (and). Processing of compound expressions is done from left to right,
and is done with “lazy” evaluation, i.e. once the final result is known,
evaluation is terminated. For examples of how this can impact compound
expression creation, see rule based persistence in the section Length and
Offset Expressions.
Compound expressions can be categorized as:
z Named Compound Expressions
z Inline Compound Expressions
Named compound expressions are independent entities. A named compound
expression can be reused by other policies. Use the “add policy expression”
command to create a named compound expression.
The same expression logic is used in various other commands with the -rule,
-reqRule, or -respRule parameters.
Example 1
Test true if a request is not a GET, POST, or HEAD request:
add policy expression not_get "METHOD != GET"
add policy expression not_post "METHOD != POST"
add policy expression not_head "METHOD != HEAD"
add policy expression not_normal_method "not_get &&
not_post && not_head"
or simply by using inline expressions:
add policy expression not_normal_method "METHOD != GET &&
METHOD != POST && METHOD != HEAD"
or by using a combination of inline expressions and expression names:
add policy expression not_post "METHOD != POST"