Specifying iRule Events

The iRules feature includes several types of event declarations that you can make in an iRule. Specifying an event declaration determines when the LTM system evaluates the iRule. The following sections list and describe these event types. Also described is the concept of iRule context and the use of the when keyword.

Event types

The iRule command syntax includes several types of event declarations that you can specify within an iRule:

  • Global events
  • HTTP events
  • SSL events
  • Authentication events

Table 13.2 lists and describes the events that you can declare in an iRule for each of these event types.

iRule Event Description
Global Events
CLIENT_ACCEPTED Triggered when a client establishes a connection.
CLIENT_DATA Triggered when a client receives new data while the connection is in collect state.
SERVER_SELECTED Triggered when the LTM system has selected a target node.
SERVER_CONNECTED Triggered when the system establishes a connection with the target node.
SERVER_DATA Triggered when the system has received new data from the target node while the connection is in hold state.
RULE_INIT Triggered when you add or modify an iRule. You use this event to initialize global variables that you are using within iRules.
HTTP Events
HTTP_REQUEST Triggered when the system fully parses a complete client request header (that is, the method, URI, version and all headers, not including the body).
HTTP_REQUEST_DATA Triggered whenever the request receives new HTTP content data.
HTTP_RESPONSE Triggered when the system parses all of the response status and header lines from the server response.
HTTP_RESPONSE_DATA Triggered whenever the system receives new HTTP content data from the response.
HTTP_RESPONSE_CONTINUE Triggered whenever the system receives a 100 Continue response from the server.
SSL Events
CLIENTSSL_HANDSHAKE Triggered when a client-side SSL handshake is completed.
CLIENTSSL_CLIENTCERT Triggered when the system adds an SSL client certificate to the client certificate chain. The LTM system can retrieve the X509 certificate and its X509 issuer with the SSL::cert and SSL::cert issuer commands.
SERVERSSL_HANDSHAKE Triggered when a server-side SSL handshake is completed.
Authentication Events
AUTH_FAILURE Triggered when an unsuccessful authorization operation is completed. A default handler for this event is associated with each of the authentication profiles, and causes the system to close the connection.
AUTH_ERROR Triggered when an error occurs during authorization. A default handler for this event is associated with each of the authentication profiles, and causes the system to close the connection. The associated authentication session ID is invalidated and the user should immediately discard the session ID upon receipt of this event.
AUTH_WANTCREDENTIAL Triggered when an authorization operation needs an additional credential. See also the description of the AUTH::wantcredential_prompt. command in section Querying authentication data. A default handler for this event is associated with each of the authentication profiles, and causes the system to close the connection unless it can obtain the desired credential. Typically this implies that the protocol layer that provides the credential has also not yet obtained the credential, because the system did not enable the necessary authentication protocol. Each of the authentication profiles contains appropriate default handlers for its respective protocol.
AUTH_SUCCESS Triggered when a successful authorization has completed all of the required authentication services.