Blue Coat Systems Proxy SG

ProxySG Content Policy Language Guide

278

1 start transaction ------------------------------

2 CPL Evaluation Trace:

3 <Proxy>

4 MATCH: trace.rules(all) trace.request(yes)

5 <Proxy>

6 miss: url.domain=!//my_site.com/

7 miss: url.address=!my_subnet

8 <Proxy>

9 n/a : ftp.method=STOR

10 <Proxy>

11 MATCH: url.domain=//my_site.com/ action.foo(yes)

12 connection: client_address=10.10.0.10 proxy_port=36895

13 time: 2003-09-11 19:36:22 UTC

14 GET http://www.my_site.com/home.html

15 DNS lookup was unrestricted

16 rewritten URL(s):

17 cache_url/server_url/log_url=http://www.his_site.com/

18 User-Agent: Mozilla 8.6 (Non-compatible)

19 user: unauthenticated

20 set header= (request)

21 value='test'

22 end transaction --------------------------------

Notes:

•Lines 1 and 22 are delimiters indicating where the trace for this transaction starts and ends.

•Line 2 introduces the rule evaluation part of the trace. A rule evaluation part is generated when

trace.rules() is set to yes or all.

•Lines 3 to 4 and 10 to 11 show rule matches, and are included when trace.rules() is set to either

yes or all.

•Lines 5 to 9 come only with trace.rules(all). That is, trace.rules(yes) shows only layers

and rules that match. To include rules that do not match, use trace.rules(all).

•Line 9 shows how a rule (containing an FTP specific condition) that is not applicable to this

transaction (HTTP) is marked as n/a.

•Lines 12 to 21 are generated as a result of trace.request(yes). Using trace.rules() without

trace.request(yes) does not result in a trace.

•Line 12 show client related information.

•Line 13 shows the time the transaction was processed.

•Line 14 is a summary of the request line.

•Line 15 indicates that DNS lookup was attempted during evaluation, and was unrestricted. This

line only appears if there is a DNS restriction and a DNS lookup was required for evaluation.

•Lines 16 and 17 indicate that the request URL was rewritten, and show the effects.

•Line 19 indicates that the user was not required to authenticate. If authentication had been

required, the user identity would be displayed.

•Lines 20 and 21 show the results of the header modification action.