Expressions
Expressions are conditions written in Common Expression Language (CEL) that can be used to evaluate specific traffic attributes, such as the client IP, request URL, or HTTP method. These conditions determine whether a rule applies to a given traffic flow. For instance, an expression likeconn.client_ip == '192.168.1.200' targets requests from a specific IP address.
You can define multiple expressions, which are automatically combined using the && operator. This means all expressions in the list must evaluate to true for the associated rules to run. If no expressions are provided, the system defaults to true, ensuring the rule matches all traffic, and the specified actions are executed in sequence.
By combining multiple conditions, you can craft highly specific and flexible rules to manage traffic effectively.
Actions
Actions define the behavior that is applied when the expressions evaluate to true. Each action specifies a particular operation to be applied, such as denying traffic, modifying headers, or redirecting requests. Actions are executed sequentially as defined in the policy, but note that some actions can short-circuit the request and return without executing subsequent actions. For example, the following action denies traffic and returns a404 HTTP status code:
Chaining Rules and Priority
Multiple rules can be defined within a single phase. Rules are evaluated in the order they are defined, and their execution depends on the type of actions taken. For example:- Some actions (e.g.,
deny) immediately stop further rule evaluation. - Others (e.g.,
url-rewrite) allow subsequent rules to apply.