Application Control Engine Module Command Reference (Software Version A2(1.0))
Action List Configuration Mode Commands
Download this chapter
Action List Configuration Mode CommandsAction List Configuration Mode Commands
Download the complete book
Cisco Application Control Engine Module Command Reference Book-Length PDF (Software Version A2(1.0))Cisco Application Control Engine Module Command Reference Book-Length PDF (Software Version A2(1.0)) (PDF - 13 MB)
give_us_feedback

Table Of Contents

Action List Modify Configuration Mode Commands

(config-actlist-modify) header delete

(config-actlist-modify) header insert

(config-actlist-modify) header rewrite

(config-actlist-modify) ssl url rewrite location


Action List Modify Configuration Mode Commands

Action list modify configuration mode commands allow you to configure ACE action lists. An action list is a named group of actions that you associate with a Layer 7 HTTP class map in a Layer 7 HTTP policy map. You can create an action list to modify an HTTP header or to rewrite an HTTP redirect URL for Secure Sockets Layer (SSL).

To create an action list, use the action-list type modify http command. The CLI prompt changes to (config-actlist-modify). Use the no form of this command to remove the action list from the configuration.

action-list type modify http name

no action-list type modify http name

Syntax Description

name

Unique name for the action list. Enter an unquoted text string with a maximum of 64 alphanumeric characters.


Command Modes

Configuration mode

Admin and user contexts

Command History

Release
Modification

A2(1.0)

This command was introduced.


Usage Guidelines

This command has no usage guidelines.

Examples

To create an action list, enter: 

host1/Admin(config)# action-list type modify http HTTP_MODIFY_ACTLIST

host1/Admin(config-actlist-modify)#

To remove the action list from the configuration, enter: 

host1/Admin(config)# no action-list type modify http HTTP_MODIFY_ACTLIST

Related Commands

show running-config
show stats

(config-actlist-modify) header delete

To delete an HTTP header from a client request, a server response, or from both, use the header delete command in action list modify configuration mode. Use the no form of this command to remove the HTTP header delete action from the action list.

header delete {request | response | both} header-name

no header delete {request | response | both} header-name

Syntax Description

request

Specifies that the ACE delete the header from HTTP request packets from clients.

response

Specifies that the ACE delete the header from HTTP response packets from servers.

both

Specifies that the ACE delete the header from both HTTP request packets and response packets.

header-name

Identifier of the HTTP header that you want to delete. Enter an unquoted text string with a maximum of 255 alphanumeric characters.


Command Modes

Action list modify configuration mode

Admin and user contexts

Command History

Release
Modification

A2(1.0)

This command was introduced.


Usage Guidelines

After you create an action list and associate actions with it, you must associate the action list with a Layer 7 policy map. For details, see the Cisco Application Control Engine Module Server Load-Balancing Configuration Guide.

Examples

To delete the Host header from request packets only, enter: 

host1/Admin(config)# action-list type modify http HTTP_MODIFY_ACTLIST

host1/Admin(config-actlist-modify)# header delete request Host

To remove the header delete action from the action list, enter: 

host1/Admin(config-actlist-modify)# no header delete request Host

Related Commands

(config) action-list type modify http

(config-actlist-modify) header insert

(config-actlist-modify) header rewrite

(config-actlist-modify) header insert

When the ACE uses NAT to translate the source IP address of a client to a VIP address, servers need a way to identify that client for the TCP and IP return traffic. To identify a client whose source IP address has been translated using NAT, you can instruct the ACE to insert a generic header and string value in the client HTTP request.

To insert a header name and value in an HTTP request from a client, a response from a server, or both, use the header insert command in action list modify configuration mode. Use the no form of this command to remove the HTTP header insert action from the action list.

header insert {request | response | both} header-name header-value expression

no header insert {request | response | both} header-name header-value expression

Syntax Description

request

Specifies that the ACE insert an HTTP header in HTTP request packets from clients.

response

Specifies that the ACE insert an HTTP header in HTTP response packets from servers.

both

Specifies that the ACE insert an HTTP header in both HTTP request packets and response packets.

header-name

Identifier of an HTTP header. Enter an unquoted text string with a maximum of 255 alphanumeric characters.

header-value expression

Specifies the value of the HTTP header that you want to insert in request packets, response packets, or both. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. You can also use the following dynamic replacement strings:

%is—Insert the source IP address in the HTTP header.

%id—Insert the destination IP address in the HTTP header.

%ps—Insert the source port in the HTTP header.

%pd—Insert the destination port in the HTTP header.


Command Modes

Action list modify configuration mode

Admin and user contexts

Command History

Release
Modification

A2(1.0)

This command was introduced.


Usage Guidelines

After you create an action list and associate actions with it, you must associate the action list with a Layer 7 policy map. For details, see the Cisco Application Control Engine Module Server Load-Balancing Configuration Guide.

With either TCP server reuse or persistence rebalance enabled, the ACE inserts a header in every client request. For information about TCP server reuse, see the Cisco Application Control Engine Module Server Load-Balancing Configuration Guide.

Examples

To include a header insert action for both request and response packets in an action list, enter: 

host1/Admin(config)# action-list type modify http HTTP_MODIFY_ACTLIST

host1/Admin(config-actlist-modify)# header insert both Host header-value www.cisco.com

To remove the insert action from the action list, enter: 

host1/Admin(config-actlist-modify)# no header insert both Host header-value www.cisco.com

Related Commands

(config) action-list type modify http

(config-actlist-modify) header delete

(config-actlist-modify) header rewrite

(config-actlist-modify) header rewrite

To rewrite an HTTP header value in request packets from a client, response packets from a server, or both, use the header rewrite command in action list modify configuration mode. Use the no form of this command to remove the HTTP header rewrite action from the action list.

header rewrite {request | response | both} header-name header-value expression replace pattern

no header rewrite {request | response | both} header-name header-value expression
replace pattern

Syntax Description

request

Specifies that the ACE rewrite an HTTP header string in HTTP request packets from clients.

response

Specifies that the ACE rewrite an HTTP header string in HTTP response packets from servers.

both

Specifies that the ACE rewrite an HTTP header string in both HTTP request packets and response packets.

header-name

Identifier of the HTTP header that you want to rewrite. Enter an unquoted text string with a maximum of 255 alphanumeric characters.

header-value expression

Specifies the value of the HTTP header that you want to replace in request packets, response packets, or both. Enter a text string from 1 to 255 alphanumeric characters. The ACE supports the use of regular expressions for matching data strings. Use parenthesized expressions for dynamic replacement using %1 and %2 in the replacement pattern.

Note When matching data strings, the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?).

replace pattern

Specifies the pattern string that you want to substitute for the header value regular expression. For dynamic replacement of the first and second parenthesized expressions from the header value, use %1 and %2, respectively.


Command Modes

Action list modify configuration mode

Admin and user contexts

Command History

Release
Modification

A2(1.0)

This command was introduced.


Usage Guidelines

After you create an action list and associate actions with it, you must associate the action list with a Layer 7 policy map. For details, see the Cisco Application Control Engine Module Server Load-Balancing Configuration Guide.

Examples

To include a header replace action for HTTP request packets in an action list, enter: 

host1/Admin(config)# action-list type modify http HTTP_MODIFY_ACTLIST

host1/Admin(config-actlist-modify)# header rewrite request Host header-value www.cisco.com 
replace ?

To remove the replace action from the action list, enter: 

host1/Admin(config-actlist-modify)# no header rewrite request Host header-value 
www.cisco.com replace ?

Related Commands

(config) action-list type modify http

(config-actlist-modify) header delete

(config-actlist-modify) header insert

(config-actlist-modify) ssl url rewrite location

To specify the SSL URL, SSL port, and clear port for rewrite, use the ssl url rewrite location command. SSL URL rewrite changes the redirect URL from http:// to https:// in the Location response header from the server before sending the response to the client. By doing so, it allows you to avoid nonsecure HTTP redirects because all client connections to the web server will be SSL, thus ensuring the secure delivery of HTTPS content back to the client. Use the no form of this command to remove the SSL rewrite specification from the configuration.

ssl url rewrite location expression [sslport number1] [clearport number2]

no ssl url rewrite location expression [sslport number1] [clearport number2]

Syntax Description

location expression

Specifies the rewriting of the URL in the Location response header based on a URL regular expression match. If the URL in the Location header matches the URL regular expression string that you specify, the ACE rewrites the URL from http:// to https:// and rewrites the port number.

Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. You can enter a text string with spaces if you enclose the entire string in quotation marks ("). The ACE supports the use of regular expressions for matching data strings.

Note When matching data strings, the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?).

sslport number1

(Optional) Specifies the SSL port number from which the ACE translates a clear port number before sending the server redirect response to the client. Enter an integer from 1 to 65535. The default is 443.

clearport number2

(Optional) Specifies the clear port number to which the ACE translates the SSL port number before sending a server redirect response to the client. Enter an integer from 1 to 65535. The default is 80.


Command Modes

Action list modify configuration mode

Admin and user contexts

Command History

Release
Modification

A2(1.0)

This command was introduced.


Usage Guidelines

After you create an action list and configure an HTTP redirect URL for SSL, you must associate the action list with a Layer 3 and Layer 4 policy map. For details, see the Cisco Application Control Engine Module Server Load-Balancing Configuration Guide.

Examples

To specify SSL URL rewrite using the default SSL port of 443 and clear port of 80, enter: 

host1/Admin(config)# action-list type modify http HTTP_MODIFY_ACTLIST

host1/Admin(config-actlist-modify)# ssl url rewrite location www\.website\.com

In this case, the ACE rewrites all HTTP redirects to http://www.website.com/ as https://www.website.com/ and forwards them to the client.

Related Commands

(config) action-list type modify http