feickholt
Level 10

Debug help: enable ruletrace without gui and change surfing client ip

In the past we often had requests to do a rule trace for a dedicated surfing session.

We also needed the possibility to change the client's IP address in the proxy to test a customer problem.

For easier debugging I wrote a little ruleset to enable rule tracing by adding a "_ruleset" parameter to a single URL (example: http://www.test.de/?_ruleset).

For the next 60 seconds, every additional connection from this client is also traced by the MWG.

With the parameter "_ruleset_disable", no additional rule trace will take place.

We also had the request to change the surfing client IP address to verify that the policy works correctly for a dedicated client.

This can be done using the parameter _clientip=1.1.1.1 (example: http://test.de/?_clientip=1.1.1.1).

For the next 2 minutes, every connection from your client will be executed on the proxy with the client IP 1.1.1.1.

To prevent other clients from using these parameters, you have to add all clients that are allowed to use this feature to the list GLB_ADMIN_IP.

You should place the ruleset at the beginning of your policy.

Have fun

Frank

Rule Sets
DEBUGGING
[✔] Enabled [✘] Disabled in Cloud
Applies to: [] Requests [] Responses [] Embedded Objects
Always
Enable Rule Trace based on URL parameter (_ruletrace)
[✔] Enabled [✘] Disabled in Cloud
Applies to: [] Requests [] Responses [] Embedded Objects
1: (URL.HasParameter("_ruletrace") equals true
2: OR PDStorage.HasGlobalData(String.Concat(IP.ToString(Client.IP),".ruletrace"))<PDS Keep 5 minutes> equals true)
3: AND Client.IP is in list GLB_ADMIN_IP
Enabled | Rule | Action | Events | Comments
[✔] Enabled Enable Rule Trace by Parameter
1: URL.HasParameter("_ruletrace") equals true
Stop Rule Set
Enable RuleEngine Tracing
PDStorage.AddGlobalData.Bool(String.Concat(IP.ToString(Client.IP),".ruletrace"),true)<PDS Keep 5 minutes>
PDStorage.AddGlobalData.Number(String.Concat(IP.ToString(Client.IP),".ruletrace.start"),DateTime.ToNumber)<PDS Keep 5 minutes>
[✔] Enabled Set Duration time to 60 Seconds
Always
Continue
Set User-Defined.NEW.CurrenTime.Unix.Number =
     DateTime.ToNumber +
     60
[✔] Enabled enable rule trace if PDS was set
1: PDStorage.GetGlobalData.Bool(String.Concat(IP.ToString(Client.IP),".ruletrace"))<PDS Keep 5 minutes> equals true
2: AND PDStorage.GetGlobalData.Number(String.Concat(IP.ToString(Client.IP),".ruletrace.start"))<PDS Keep 5 minutes> greater than User-Defined.NEW.CurrenTime.Unix.Number
Stop Rule Set
Enable RuleEngine Tracing
Disable Rule Trace based on URL parameter (_ruletrace_off)
[✔] Enabled [✘] Disabled in Cloud
Applies to: [] Requests [] Responses [] Embedded Objects
1: URL.HasParameter("_ruletrace_off") equals true
2: AND Client.IP is in list GLB_ADMIN_IP
Enabled | Rule | Action | Events | Comments
[✔] Enabled Enable Rule Trace by Parameter
1: URL.HasParameter("_ruletrace_off") equals true
Stop Rule Set
PDStorage.AddGlobalData.Bool(String.Concat(IP.ToString(Client.IP),".ruletrace"),false)<Keep 1 Minute>
Change Client.IP to another value (Require Parameter: _clientip=<ip>)
[✔] Enabled [✘] Disabled in Cloud
Applies to: [] Requests [] Responses [] Embedded Objects
1: (URL.HasParameter("_clientip") equals true
2: OR PDStorage.HasGlobalData(String.Concat(IP.ToString(Client.IP),".change_clientip"))<PDS keep 2 Minutes> equals true)
3: AND Client.IP is in list GLB_ADMIN_IP
Enabled | Rule | Action | Events | Comments
[✔] Enabled Set Duration time to 60 Seconds
Always
Continue
Set User-Defined.NEW.CurrenTime.Unix.Number =
     DateTime.ToNumber +
     60
[✔] Enabled Set Client.ip
1: URL.HasParameter("_clientip") equals true
Stop Rule Set
PDStorage.AddGlobalData.IP(String.Concat(IP.ToString(Client.IP),".change_clientip"),String.ToIP(URL.GetParameter("_clientip")))<PDS keep 2 Minutes>
PDStorage.AddGlobalData.Number(String.Concat(IP.ToString(Client.IP),".change_clientip.start"),DateTime.ToNumber)<PDS keep 2 Minutes>
Set Client.IP = String.ToIP(URL.GetParameter("_clientip"))
[✔] Enabled Set CLient IP based on old value
1: PDStorage.GetGlobalData.Number(String.Concat(IP.ToString(Client.IP),".change_clientip.start"))<PDS keep 2 Minutes> greater than User-Defined.NEW.CurrenTime.Unix.Number
Continue
Set Client.IP = PDStorage.GetGlobalData.IP(String.Concat(IP.ToString(Client.IP),".change_clientip"))<PDS keep 2 Minutes>
0 Kudos
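
The gating described in the post (parameter honoured only for addresses in GLB_ADMIN_IP, override stored per real client IP for a limited time) can be checked offline with a small model. This is an added example, not part of the original post and not MWG rule code; `DebugGate`, `effective_ip`, `run_demo`, the admin address 10.0.0.5 and the rejection of malformed `_clientip` values are assumptions, and the 120-second window is taken from the post's "next 2 minutes".

```python
import ipaddress
from urllib.parse import urlsplit, parse_qs

ADMIN_IPS = {ipaddress.ip_address("10.0.0.5")}  # constructed stand-in for GLB_ADMIN_IP
OVERRIDE_TTL = 120                              # seconds; the post's "next 2 minutes"


class DebugGate:
    """Model of the _clientip rule set: state is keyed on the real client IP."""

    def __init__(self):
        self._store = {}  # real client IP -> (override IP, expiry timestamp)

    def effective_ip(self, real_ip, url, now):
        """Return the IP the rest of the policy would see for this request."""
        real = ipaddress.ip_address(real_ip)
        # Gate first: clients outside the admin list never reach the rules.
        if real not in ADMIN_IPS:
            return real
        query = parse_qs(urlsplit(url).query, keep_blank_values=True)
        values = query.get("_clientip")
        if values:
            try:
                override = ipaddress.ip_address(values[0])
            except ValueError:
                return real  # malformed value: keep the real address
            self._store[real] = (override, now + OVERRIDE_TTL)
            return override
        # No parameter: reuse a stored override while it has not expired.
        entry = self._store.get(real)
        if entry and now < entry[1]:
            return entry[0]
        self._store.pop(real, None)
        return real


def run_demo():
    """Replay constructed requests: admin sets, reuses, expires; non-admin ignored."""
    gate = DebugGate()
    t0 = 1_000_000
    return [
        str(gate.effective_ip("10.0.0.5", "http://test.de/?_clientip=1.1.1.1", t0)),
        str(gate.effective_ip("10.0.0.5", "http://test.de/page", t0 + 30)),
        str(gate.effective_ip("10.0.0.5", "http://test.de/page", t0 + 121)),
        str(gate.effective_ip("10.0.0.9", "http://test.de/?_clientip=1.1.1.1", t0)),
        str(gate.effective_ip("10.0.0.5", "http://test.de/?_clientip=bogus", t0 + 200)),
    ]
```

The fourth request shows the property that matters for the policy: a client outside the admin list keeps its real address even when it sends the parameter.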