ProxySG Content Policy Language Guide
Forward Policy File | A file you create or that might be created during an upgrade from prior SGOS versions, |
| and that you maintain to supplement any policy described in the other three policy files. |
| It is normally used for forwarding policy. The Forward policy file is always last in the |
| evaluation order. |
| Forwarding policy is generally distinct and independent of other policies, and is often |
| used as part of maintaining network topologies. |
| Forwarding policy can also be created and maintained through the Visual Policy |
| Manager. |
layer | A CPL construct for expressing the rules for a single policy decision. Multiple layers can |
| be used to make multiple decisions. Layers are evaluated in top to bottom order. |
| Decisions made by later layers can override decisions made by earlier layers. Layer |
| evaluation terminates on the first rule match. |
| Five layer types exist. The layer type defines the transactions evaluated against this |
| policy and restricts the triggers and properties allowed in the rules used in the layer. |
| Each of the five types of layers are allowed in any policy file. |
Local Policy File | A file you create and maintain on your network for policy specific to one or more |
| ProxySG appliances. This is the file you would normally create when writing CPL |
| directly with a text editor, for use on some subset of the ProxySG appliances in your |
| organization. |
| On upgrade from a CacheOS 4.x system, the local file will contain any filter rules |
| configured under the old system. |
Match | When a rule is evaluated, if all triggers evaluate to true, then all properties specified are |
| set. This is often referred to as a rule Match (for example in policy tracing.) |
Miss | When a rule is evaluated, if any trigger evaluates to false, all properties specified are |
| ignored. This is often referred to as a rule Miss (for example in policy tracing.) |
N/A | The rule can't be evaluated for this transaction and is being skipped. N/A happens, for |
| example, when you try to apply a streaming condition to an FTP transaction. |
policy files | Any one of four files that contain CPL: Central, Local, VPM, or Forward. When the policy |
| is installed, the contents of each of the files is concatenated according to the evaluation |
| order. |
policy trace | A listing of the results of policy evaluation. Policy tracing is useful when troubleshooting |
| policy. |
property | A CPL setting that controls some aspect of transaction processing according to its value. |
| CPL properties have the form property(setting). |
| At the beginning of a transaction, all properties are set to their default values, many of |
| which come from the configuration settings. |
<Proxy> layer | One of the five layer types allowed in a policy, used to list policy rules that control access |
| to proxy services configured on the ProxySG. |
| Rules in the <Proxy> layer include user authentication and authorization requirements, |
| time of day restrictions, and content filtering. |
proxy transaction | A transaction created for each request received over the proxy service ports configured |
| on the ProxySG. The proxy transaction covers both the request and its associated |
| response, whether fetched from the origin server or the local object store. |
request | A modification of the request for an object (either the URL or Headers). This modification |
transformation | might result in fetching a different object, or fetching the object through a different |
| mechanism. |
