Traffic Management Shell (tmsh) Reference Guide

Traffic Management Shell (tmsh)

Reference Guide

Version 12.0

Table of Contents

Legal Notices............................................................................................................................29

Legal notices....................................................................................................................30

Using tmsh................................................................................................................................33

About loading and saving the system configuration.........................................................33

About working within the tmsh hierarchy..........................................................................33

About working within a module.............................................................................34

About working within a component.......................................................................35

About working in object mode...............................................................................35

About exiting a mode, module, or tmsh itself.........................................................36

About the scripting feature...............................................................................................37

About checking the tmsh version..........................................................................37

About command completion.............................................................................................38

About using glob with command completion.........................................................38

About command completion behavior...................................................................39

About the help feature......................................................................................................40

About context-sensitive help............................................................................................40

About interrupting a command.........................................................................................41

About entering multiple commands..................................................................................41

About the glob feature......................................................................................................41

Changing whether the date and time display in the glob file.................................42

Displaying the commands in the tmsh glob list.....................................................42

Finding and running a tmsh glob list command using a partial string...................43

Running the previous command............................................................................43

Searching for a command using the pager's search feature.................................43

Searching for a command using grep...................................................................44

About the tmsh keyboard map..............................................................................44

About the command audit feature....................................................................................45

About audit-log entries..........................................................................................45

Viewing historical logs...........................................................................................46

About command aliases...................................................................................................47

About creating command aliases..........................................................................47

About using command aliases..............................................................................47

Setting the tmsh preference for show-aliases.......................................................48

About the wildcard search feature....................................................................................48

About the statistics feature...............................................................................................48

About setting preferences for statistics..................................................................48

About resetting statistics.......................................................................................50

About using grep to filter tmsh output..............................................................................51

Table of Contents

About batch mode transactions........................................................................................51

Creating a batch mode transaction.......................................................................51

About viewing the commands in a transaction......................................................52

About deleting a command from the transaction...................................................52

About replacing a command in the transaction.....................................................52

About inserting a command in the transaction......................................................52

About submitting a transaction..............................................................................53

About cancelling the transaction...........................................................................53

About tmsh behavior controls...........................................................................................53

About tmsh options................................................................................................53

About using special characters in tmsh.................................................................54

Global.........................................................................................................................................57

cd.....................................................................................................................................57

cp.....................................................................................................................................58

create...............................................................................................................................59

delete...............................................................................................................................59

edit...................................................................................................................................60

exit....................................................................................................................................62

generate...........................................................................................................................62

help..................................................................................................................................63

install................................................................................................................................64

list.....................................................................................................................................64

load..................................................................................................................................66

modify..............................................................................................................................66

mv....................................................................................................................................67

publish..............................................................................................................................68

pwd..................................................................................................................................69

quit...................................................................................................................................69

reboot...............................................................................................................................69

reset-stats........................................................................................................................70

restart...............................................................................................................................72

run....................................................................................................................................72

save..................................................................................................................................76

send-mail.........................................................................................................................76

show.................................................................................................................................76

shutdown..........................................................................................................................79

start..................................................................................................................................80

stop..................................................................................................................................80

submit..............................................................................................................................81

time..................................................................................................................................81

tmsh................................................................................................................................84

Analytics....................................................................................................................................91

Table of Contents

report................................................................................................................................91

Analytics Application Security................................................................................................97

report................................................................................................................................97

scheduled-report............................................................................................................100

Analytics Application Security Anomalies...........................................................................103

report..............................................................................................................................103

Analytics Application Security Network...............................................................................107

report..............................................................................................................................107

Analytics ASM Bypass...........................................................................................................111

report..............................................................................................................................111

Analytics ASM CPU................................................................................................................115

report..............................................................................................................................115

Analytics ASM Memory..........................................................................................................119

report..............................................................................................................................119

Analytics CPU.........................................................................................................................123

report..............................................................................................................................123

Analytics Disk Info..................................................................................................................127

report..............................................................................................................................127

Analytics DNS.........................................................................................................................131

report..............................................................................................................................131

Analytics DOS L3....................................................................................................................135

report..............................................................................................................................135

Analytics DOS L7....................................................................................................................139

report..............................................................................................................................139

Analytics HTTP........................................................................................................................145

report..............................................................................................................................145

Analytics IP Layer...................................................................................................................151

Table of Contents

report..............................................................................................................................151

Analytics LSN Pool.................................................................................................................155

report..............................................................................................................................155

Analytics Memory...................................................................................................................159

report..............................................................................................................................159

Analytics Network...................................................................................................................163

report..............................................................................................................................163

stale-rules......................................................................................................................169

Analytics PEM.........................................................................................................................171

report..............................................................................................................................171

Analytics Protocol Security...................................................................................................175

report..............................................................................................................................175

Analytics SIP...........................................................................................................................179

report..............................................................................................................................179

Analytics SWG........................................................................................................................183

report..............................................................................................................................183

Analytics SWG Blocked.........................................................................................................187

report..............................................................................................................................187

Analytics TCP..........................................................................................................................191

report..............................................................................................................................191

Analytics UDP.........................................................................................................................195

report..............................................................................................................................195

Analytics VCMP.......................................................................................................................199

report..............................................................................................................................199

Analytics Virtual......................................................................................................................205

report..............................................................................................................................205

APM..........................................................................................................................................209

Table of Contents

acl..................................................................................................................................209

apm-avr-config...............................................................................................................212

license............................................................................................................................213

log-setting......................................................................................................................214

swg-scheme...................................................................................................................216

url-filter...........................................................................................................................217

APM AAA.................................................................................................................................219

active-directory...............................................................................................................219

active-directory-trusted-domains....................................................................................221

crldp...............................................................................................................................223

endpoint-management-system.......................................................................................225

http.................................................................................................................................228

kerberos.........................................................................................................................231

kerberos-keytab-file........................................................................................................232

ldap................................................................................................................................234

oam................................................................................................................................236

ocsp...............................................................................................................................239

radius.............................................................................................................................242

saml...............................................................................................................................245

saml-idp-connector.........................................................................................................249

securid...........................................................................................................................252

tacacsplus......................................................................................................................254

APM EPSEC.............................................................................................................................257

epsec-package...............................................................................................................257

software-status...............................................................................................................258

APM NTLM...............................................................................................................................261

machine-account............................................................................................................261

ntlm-auth........................................................................................................................263

APM Policy..............................................................................................................................265

access-policy..................................................................................................................265

customization-group.......................................................................................................265

image-file.......................................................................................................................265

policy-item......................................................................................................................266

windows-group-policy-file...............................................................................................266

APM Policy Agent...................................................................................................................267

aaa-active-directory.......................................................................................................267

aaa-client-cert................................................................................................................269

aaa-crldp........................................................................................................................271

Table of Contents

aaa-http..........................................................................................................................272

aaa-ldap.........................................................................................................................273

aaa-ocsp........................................................................................................................276

aaa-radius......................................................................................................................278

aaa-securid....................................................................................................................279

acct-radius......................................................................................................................281

acct-tacacsplus..............................................................................................................282

decision-box...................................................................................................................284

dynamic-acl....................................................................................................................285

ending-allow...................................................................................................................286

ending-deny...................................................................................................................288

ending-redirect...............................................................................................................289

endpoint-check-machine-cert.........................................................................................291

endpoint-check-software................................................................................................293

endpoint-linux-check-file................................................................................................296

endpoint-linux-check-process........................................................................................298

endpoint-mac-check-file.................................................................................................300

endpoint-mac-check-process.........................................................................................302

endpoint-machine-info....................................................................................................304

endpoint-windows-browser-cache-cleaner.....................................................................305

endpoint-windows-check-file..........................................................................................307

endpoint-windows-check-process..................................................................................310

endpoint-windows-check-registry...................................................................................312

endpoint-windows-group-policy......................................................................................314

endpoint-windows-info-os..............................................................................................315

endpoint-windows-protected-workspace........................................................................317

external-logon-page.......................................................................................................319

http-header-modify.........................................................................................................320

irule-event......................................................................................................................323

kerberos.........................................................................................................................325

logging...........................................................................................................................327

logon-page.....................................................................................................................328

message-box..................................................................................................................331

oam................................................................................................................................333

resource-assign..............................................................................................................335

route-domain-selection...................................................................................................336

tacacsplus......................................................................................................................338

variable-assign...............................................................................................................339

APM Profile..............................................................................................................................343

access............................................................................................................................343

connectivity....................................................................................................................348

exchange........................................................................................................................355

remote-desktop..............................................................................................................357

Table of Contents

vdi..................................................................................................................................358

APM Resource.........................................................................................................................361

app-tunnel......................................................................................................................361

client-rate-class..............................................................................................................363

client-traffic-classifier......................................................................................................366

ipv6-leasepool................................................................................................................368

leasepool........................................................................................................................370

network-access..............................................................................................................371

portal-access..................................................................................................................378

sandbox..........................................................................................................................380

webtop............................................................................................................................382

webtop-link.....................................................................................................................385

APM Resource Remote Desktop...........................................................................................387

citrix................................................................................................................................387

citrix-client-bundle..........................................................................................................389

citrix-client-package-file..................................................................................................391

quest..............................................................................................................................392

rdp..................................................................................................................................395

vmware-view..................................................................................................................399

APM SAML...............................................................................................................................403

artifact-resolution-service...............................................................................................403

APM SSO.................................................................................................................................407

basic...............................................................................................................................407

form-based.....................................................................................................................409

form-basedv2.................................................................................................................412

kerberos.........................................................................................................................419

ntlmv1............................................................................................................................422

ntlmv2............................................................................................................................424

saml...............................................................................................................................426

saml-resource................................................................................................................430

saml-sp-connector..........................................................................................................431

ASM..........................................................................................................................................435

device-sync....................................................................................................................435

http-method....................................................................................................................435

httpclass-asm.................................................................................................................436

policy..............................................................................................................................438

predefined-policy............................................................................................................441

response-code...............................................................................................................442

Table of Contents

webapp-language...........................................................................................................442

Auth..........................................................................................................................................445

apm-auth........................................................................................................................445

cert-ldap.........................................................................................................................446

ldap................................................................................................................................451

login-failures...................................................................................................................455

partition..........................................................................................................................456

password........................................................................................................................457

password-policy.............................................................................................................458

radius.............................................................................................................................460

radius-server..................................................................................................................462

remote-role.....................................................................................................................464

remote-user....................................................................................................................467

source............................................................................................................................469

tacacs.............................................................................................................................470

user................................................................................................................................472

CLI............................................................................................................................................477

admin-partitions.............................................................................................................477

global-settings................................................................................................................477

history............................................................................................................................479

preference......................................................................................................................480

script..............................................................................................................................485

transaction......................................................................................................................501

version............................................................................................................................503

CLI Alias..................................................................................................................................505

private............................................................................................................................505

shared............................................................................................................................507

CM............................................................................................................................................509

add-to-trust.....................................................................................................................509

cert.................................................................................................................................510

config-sync.....................................................................................................................513

device.............................................................................................................................514

device-group..................................................................................................................517

failover-status.................................................................................................................520

key..................................................................................................................................521

remove-from-trust...........................................................................................................523

sniff-updates..................................................................................................................524

sync-status.....................................................................................................................525

traffic-group....................................................................................................................525

Table of Contents

trust-domain...................................................................................................................528

watch-devicegroup-device..............................................................................................531

watch-sys-device............................................................................................................532

watch-trafficgroup-device...............................................................................................534

GTM..........................................................................................................................................537

datacenter......................................................................................................................537

distributed-app...............................................................................................................539

iquery.............................................................................................................................542

ldns................................................................................................................................543

link..................................................................................................................................543

listener...........................................................................................................................547

path................................................................................................................................552

persist............................................................................................................................553

prober-pool.....................................................................................................................554

region.............................................................................................................................556

rule.................................................................................................................................559

server.............................................................................................................................561

topology.........................................................................................................................567

traffic..............................................................................................................................570

GTM Global Settings...............................................................................................................571

general...........................................................................................................................571

load-balancing................................................................................................................574

metrics...........................................................................................................................576

metrics-exclusions..........................................................................................................578

GTM Monitor............................................................................................................................581

bigip...............................................................................................................................581

bigip-link.........................................................................................................................584

external..........................................................................................................................586

firepass..........................................................................................................................588

ftp...................................................................................................................................591

gateway-icmp.................................................................................................................594

gtp..................................................................................................................................597

http.................................................................................................................................599

https...............................................................................................................................602

imap...............................................................................................................................606

ldap................................................................................................................................609

mssql..............................................................................................................................612

mysql..............................................................................................................................616

nntp................................................................................................................................619

oracle.............................................................................................................................622

pop3...............................................................................................................................625

Table of Contents

postgresql.......................................................................................................................628

radius.............................................................................................................................631

radius-accounting...........................................................................................................634

real-server......................................................................................................................637

scripted..........................................................................................................................639

sip..................................................................................................................................642

smtp...............................................................................................................................646

snmp..............................................................................................................................648

snmp-link........................................................................................................................651

soap...............................................................................................................................654

tcp..................................................................................................................................657

tcp-half-open..................................................................................................................660

udp.................................................................................................................................663

wap.................................................................................................................................666

wmi.................................................................................................................................669

LTM...........................................................................................................................................673

alg-log-profile.................................................................................................................673

default-node-monitor......................................................................................................675

eviction-policy.................................................................................................................676

ifile..................................................................................................................................681

lsn-log-profile..................................................................................................................682

lsn-pool..........................................................................................................................685

nat..................................................................................................................................691

node...............................................................................................................................693

policy..............................................................................................................................697

policy-strategy................................................................................................................708

pool................................................................................................................................712

rule.................................................................................................................................722

snat................................................................................................................................725

snat-translation...............................................................................................................728

snatpool.........................................................................................................................730

traffic-class.....................................................................................................................732

urlcat-query....................................................................................................................734

virtual.............................................................................................................................735

virtual-address...............................................................................................................743

LTM Auth..................................................................................................................................749

crldp-server....................................................................................................................749

kerberos-delegation.......................................................................................................751

ldap................................................................................................................................753

ocsp-responder..............................................................................................................757

profile.............................................................................................................................761

radius.............................................................................................................................763

Table of Contents

radius-server..................................................................................................................766

ssl-cc-ldap......................................................................................................................768

ssl-crldp..........................................................................................................................771

ssl-ocsp..........................................................................................................................774

tacacs.............................................................................................................................775

LTM Classification..................................................................................................................779

application......................................................................................................................779

category.........................................................................................................................780

signature-definition.........................................................................................................782

signature-update-schedule.............................................................................................784

signature-version............................................................................................................785

signatures......................................................................................................................786

update-signatures..........................................................................................................787

url-cat-policy...................................................................................................................787

url-category....................................................................................................................789

urldb-feed-list.................................................................................................................790

urldb-file.........................................................................................................................792

LTM Classification Stats.........................................................................................................795

application......................................................................................................................795

url-category....................................................................................................................796

LTM ClientSSL.........................................................................................................................799

ocsp-stapling-responses................................................................................................799

LTM ClientSSL Proxy..............................................................................................................801

cached-certs..................................................................................................................801

LTM Data Group......................................................................................................................803

external..........................................................................................................................803

internal...........................................................................................................................805

LTM DNS..................................................................................................................................809

dns-express-db..............................................................................................................809

nameserver....................................................................................................................809

tsig-key...........................................................................................................................811

zone...............................................................................................................................813

LTM DNS Analytics.................................................................................................................817

global-settings................................................................................................................817

Table of Contents

LTM DNS Cache......................................................................................................................819

global-settings................................................................................................................819

resolver..........................................................................................................................820

transparent.....................................................................................................................824

validating-resolver..........................................................................................................827

LTM DNS Cache Records.......................................................................................................833

key..................................................................................................................................833

msg................................................................................................................................834

nameserver....................................................................................................................835

rrset................................................................................................................................837

LTM DNS DNSsec....................................................................................................................839

generation......................................................................................................................839

key..................................................................................................................................840

zone...............................................................................................................................843

LTM Global Settings...............................................................................................................847

connection......................................................................................................................847

general...........................................................................................................................848

traffic-control..................................................................................................................850

LTM Message Routing Diameter............................................................................................853

peer................................................................................................................................853

route...............................................................................................................................855

transport-config..............................................................................................................856

LTM Message Routing Diameter Profile................................................................................859

router..............................................................................................................................859

session...........................................................................................................................861

LTM Message Routing Generic..............................................................................................865

peer................................................................................................................................865

protocol..........................................................................................................................866

route...............................................................................................................................868

router..............................................................................................................................870

transport-config..............................................................................................................873

LTM Message Routing SIP.....................................................................................................877

peer................................................................................................................................877

route...............................................................................................................................879

Table of Contents

transport-config..............................................................................................................881

LTM Message Routing SIP Profile.........................................................................................885

router..............................................................................................................................885

session...........................................................................................................................887

LTM Monitor.............................................................................................................................893

diameter.........................................................................................................................893

dns.................................................................................................................................896

external..........................................................................................................................901

firepass..........................................................................................................................904

ftp...................................................................................................................................907

gateway-icmp.................................................................................................................910

http.................................................................................................................................914

https...............................................................................................................................918

icmp...............................................................................................................................923

imap...............................................................................................................................926

inband............................................................................................................................929

ldap................................................................................................................................932

module-score.................................................................................................................936

mssql..............................................................................................................................939

mysql..............................................................................................................................943

nntp................................................................................................................................946

oracle.............................................................................................................................950

pop3...............................................................................................................................953

postgresql.......................................................................................................................956

radius.............................................................................................................................960

radius-accounting...........................................................................................................963

real-server......................................................................................................................967

rpc..................................................................................................................................969

sasp...............................................................................................................................972

scripted..........................................................................................................................975

sip..................................................................................................................................978

smb................................................................................................................................982

smtp...............................................................................................................................986

snmp-dca.......................................................................................................................989

snmp-dca-base..............................................................................................................991

soap...............................................................................................................................994

tcp..................................................................................................................................997

tcp-echo.......................................................................................................................1002

tcp-half-open................................................................................................................1005

udp...............................................................................................................................1008

virtual-location..............................................................................................................1012

wap...............................................................................................................................1015

Table of Contents

wmi...............................................................................................................................1019

LTM Persistence....................................................................................................................1023

cookie...........................................................................................................................1023

dest-addr......................................................................................................................1026

global-settings..............................................................................................................1029

hash.............................................................................................................................1030

msrdp...........................................................................................................................1034

persist-records.............................................................................................................1036

sip................................................................................................................................1038

source-addr..................................................................................................................1041

ssl.................................................................................................................................1044

universal.......................................................................................................................1047

LTM Profile.............................................................................................................................1051

analytics.......................................................................................................................1051

certificate-authority.......................................................................................................1059

classification.................................................................................................................1061

client-ldap.....................................................................................................................1062

client-ssl.......................................................................................................................1064

dhcpv4.........................................................................................................................1075

dhcpv6.........................................................................................................................1080

diameter.......................................................................................................................1084

dns...............................................................................................................................1088

dns-logging..................................................................................................................1092

fasthttp.........................................................................................................................1094

fastl4.............................................................................................................................1099

fix.................................................................................................................................1105

ftp.................................................................................................................................1107

gtp................................................................................................................................1109

html..............................................................................................................................1111

http...............................................................................................................................1113

http-compression..........................................................................................................1122

http2.............................................................................................................................1126

icap..............................................................................................................................1128

iiop...............................................................................................................................1130

ipother..........................................................................................................................1132

mblb.............................................................................................................................1134

mssql............................................................................................................................1137

ntlm..............................................................................................................................1139

ocsp-stapling-params...................................................................................................1141

one-connect.................................................................................................................1144

pcp...............................................................................................................................1147

pptp..............................................................................................................................1150

Table of Contents

qoe...............................................................................................................................1152

radius...........................................................................................................................1153

ramcache.....................................................................................................................1155

request-adapt...............................................................................................................1156

request-log...................................................................................................................1159

response-adapt............................................................................................................1162

rewrite..........................................................................................................................1164

rtsp...............................................................................................................................1168

sctp..............................................................................................................................1172

server-ldap...................................................................................................................1175

server-ssl.....................................................................................................................1177

sip................................................................................................................................1185

smtp.............................................................................................................................1189

smtps...........................................................................................................................1191

socks............................................................................................................................1193

spdy.............................................................................................................................1195

statistics.......................................................................................................................1198

stream..........................................................................................................................1200

tcp................................................................................................................................1203

tftp................................................................................................................................1211

udp...............................................................................................................................1213

wa-cache......................................................................................................................1216

web-acceleration..........................................................................................................1217

web-security.................................................................................................................1220

xml...............................................................................................................................1221

LTM TacDB.............................................................................................................................1225

customdb.....................................................................................................................1225

customdb-file................................................................................................................1226

Net..........................................................................................................................................1229

arp................................................................................................................................1229

cmetrics........................................................................................................................1231

dag-globals..................................................................................................................1232

ike-evt-stat....................................................................................................................1233

ike-msg-stat..................................................................................................................1234

interface.......................................................................................................................1235

interface-cos.................................................................................................................1239

mroute..........................................................................................................................1240

multicast-globals..........................................................................................................1241

ndp...............................................................................................................................1242

packet-filter...................................................................................................................1244

packet-filter-trusted......................................................................................................1248

port-mirror....................................................................................................................1250

Table of Contents

route.............................................................................................................................1251

route-domain................................................................................................................1254

router-advertisement....................................................................................................1257

rst-cause......................................................................................................................1260

self...............................................................................................................................1261

self-allow......................................................................................................................1264

service-policy...............................................................................................................1266

stp................................................................................................................................1267

stp-globals....................................................................................................................1270

timer-policy...................................................................................................................1272

trunk.............................................................................................................................1276

vlan..............................................................................................................................1280

vlan-allowed.................................................................................................................1284

vlan-group....................................................................................................................1285

wccp.............................................................................................................................1288

Net Bwc..................................................................................................................................1293

policy............................................................................................................................1293

priority-group................................................................................................................1302

traffic-group..................................................................................................................1303

Net Cos..................................................................................................................................1307

global-settings..............................................................................................................1307

map-8021p...................................................................................................................1308

map-dscp.....................................................................................................................1309

traffic-priority................................................................................................................1311

Net DNS Resolver.................................................................................................................1313

resolver........................................................................................................................1313

Net FDB..................................................................................................................................1317

tunnel...........................................................................................................................1317

vlan..............................................................................................................................1318

Net IPsec................................................................................................................................1321

ike-daemon..................................................................................................................1321

ike-peer........................................................................................................................1322

ike-sa............................................................................................................................1326

ipsec-policy..................................................................................................................1327

ipsec-sa........................................................................................................................1330

manual-security-association........................................................................................1331

traffic-selector...............................................................................................................1333

Table of Contents

Net Rate Shaping..................................................................................................................1335

class.............................................................................................................................1335

color-policer..................................................................................................................1338

drop-policy...................................................................................................................1340

queue...........................................................................................................................1342

shaping-policy..............................................................................................................1345

Net Tunnels............................................................................................................................1349

etherip..........................................................................................................................1349

fec................................................................................................................................1350

fec-stat.........................................................................................................................1353

geneve.........................................................................................................................1354

gre................................................................................................................................1356

ipip...............................................................................................................................1358

ipsec.............................................................................................................................1360

map..............................................................................................................................1361

ppp...............................................................................................................................1363

tunnel...........................................................................................................................1365

v6rd..............................................................................................................................1368

vxlan.............................................................................................................................1370

wccp.............................................................................................................................1372

PEM........................................................................................................................................1375

forwarding-endpoint.....................................................................................................1375

interception-endpoint...................................................................................................1378

irule..............................................................................................................................1380

listener.........................................................................................................................1382

policy............................................................................................................................1384

service-chain-endpoint.................................................................................................1399

sessiondb.....................................................................................................................1402

subscriber....................................................................................................................1405

subscriber-attribute......................................................................................................1407

subscribers...................................................................................................................1410

PEM Global Settings.............................................................................................................1411

analytics.......................................................................................................................1411

insert-content...............................................................................................................1412

quota-mgmt..................................................................................................................1413

subscriber-activity-log..................................................................................................1414

PEM Profile............................................................................................................................1417

diameter-endpoint........................................................................................................1417

Table of Contents

radius-aaa....................................................................................................................1419

spm..............................................................................................................................1421

PEM Protocol.........................................................................................................................1425

diameter-avp................................................................................................................1425

radius-avp....................................................................................................................1428

PEM Protocol Profile............................................................................................................1431

gx.................................................................................................................................1431

radius...........................................................................................................................1435

PEM Quota Management......................................................................................................1441

rating-group..................................................................................................................1441

PEM Reporting......................................................................................................................1445

format-script.................................................................................................................1445

PEM Stats..............................................................................................................................1449

action...........................................................................................................................1449

dtos..............................................................................................................................1451

gx.................................................................................................................................1452

gy.................................................................................................................................1454

hsl................................................................................................................................1455

radius...........................................................................................................................1457

subscriber....................................................................................................................1458

tethering.......................................................................................................................1459

Security Analytics.................................................................................................................1461

settings.........................................................................................................................1461

Security Anti Fraud...............................................................................................................1465

engine-update..............................................................................................................1465

profile...........................................................................................................................1466

signatures-update........................................................................................................1486

Security Datasync.................................................................................................................1489

device-stats..................................................................................................................1489

global-profile................................................................................................................1490

local-profile...................................................................................................................1492

Security DOS.........................................................................................................................1495

bot-signature................................................................................................................1495

Table of Contents

bot-signature-category.................................................................................................1496

device-config................................................................................................................1497

network-whitelist..........................................................................................................1505

profile...........................................................................................................................1508

spva-stats.....................................................................................................................1522

udp-portlist...................................................................................................................1524

Security Firewall...................................................................................................................1527

address-list...................................................................................................................1527

config-change-log........................................................................................................1529

container-stat...............................................................................................................1530

current-state.................................................................................................................1531

fqdn-entity....................................................................................................................1531

fqdn-info.......................................................................................................................1532

global-fqdn-policy.........................................................................................................1533

global-rules..................................................................................................................1534

management-ip-rules...................................................................................................1536

matching-rule...............................................................................................................1542

on-demand-compilation................................................................................................1543

on-demand-rule-deploy................................................................................................1544

policy............................................................................................................................1545

port-list.........................................................................................................................1550

port-misuse-policy........................................................................................................1552

rule-list.........................................................................................................................1554

rule-stat........................................................................................................................1563

schedule.......................................................................................................................1563

user-domain.................................................................................................................1566

user-list........................................................................................................................1567

Security HTTP.......................................................................................................................1569

file-type........................................................................................................................1569

mandatory-header........................................................................................................1569

profile...........................................................................................................................1570

Security IP Intelligence........................................................................................................1577

blacklist-category.........................................................................................................1577

feed-list.........................................................................................................................1578

global-policy.................................................................................................................1581

info...............................................................................................................................1583

policy............................................................................................................................1584

Security Log..........................................................................................................................1587

network-storage-field....................................................................................................1587

Table of Contents

profile...........................................................................................................................1587

protocol-dns-storage-field............................................................................................1601

protocol-sip-storage-field..............................................................................................1601

remote-format...............................................................................................................1602

storage-field.................................................................................................................1603

Sys.........................................................................................................................................1605

autoscale-group...........................................................................................................1605

clock.............................................................................................................................1606

cluster..........................................................................................................................1606

config...........................................................................................................................1608

config-diff.....................................................................................................................1613

connection....................................................................................................................1614

console.........................................................................................................................1616

cpu...............................................................................................................................1617

daemon-ha...................................................................................................................1617

datastor........................................................................................................................1619

db.................................................................................................................................1621

default-config................................................................................................................1622

dns...............................................................................................................................1623

failover..........................................................................................................................1624

feature-module.............................................................................................................1626

fix-connection...............................................................................................................1627

folder............................................................................................................................1628

geoip............................................................................................................................1630

global-settings..............................................................................................................1631

ha-group.......................................................................................................................1634

ha-status......................................................................................................................1637

hardware......................................................................................................................1637

host-info.......................................................................................................................1638

httpd.............................................................................................................................1639

hypervisor-info..............................................................................................................1643

icmp-stat......................................................................................................................1644

icontrol-soap................................................................................................................1644

ip-address....................................................................................................................1645

ip-stat...........................................................................................................................1646

iprep-status..................................................................................................................1647

license..........................................................................................................................1648

log................................................................................................................................1649

log-rotate......................................................................................................................1651

mac-address................................................................................................................1653

management-dhcp.......................................................................................................1654

management-ip............................................................................................................1655

management-ovsdb.....................................................................................................1656

Table of Contents

management-route.......................................................................................................1658

mcp-state.....................................................................................................................1660

memory........................................................................................................................1660

ntp................................................................................................................................1661

outbound-smtp.............................................................................................................1664

proc-info.......................................................................................................................1665

provision.......................................................................................................................1665

pva-traffic.....................................................................................................................1668

scriptd..........................................................................................................................1669

service..........................................................................................................................1670

smtp-server..................................................................................................................1672

snmp............................................................................................................................1673

sshd.............................................................................................................................1684

state-mirroring..............................................................................................................1687

sync-sys-files................................................................................................................1688

syslog...........................................................................................................................1689

tmm-info.......................................................................................................................1692

tmm-traffic....................................................................................................................1693

traffic............................................................................................................................1693

ucs...............................................................................................................................1694

version..........................................................................................................................1696

Sys Application.....................................................................................................................1697

apl-script......................................................................................................................1697

custom-stat..................................................................................................................1699

service..........................................................................................................................1700

template.......................................................................................................................1703

Sys Crypto.............................................................................................................................1715

cert...............................................................................................................................1715

check-cert....................................................................................................................1717

client.............................................................................................................................1718

crl.................................................................................................................................1720

csr................................................................................................................................1721

key................................................................................................................................1723

master-key...................................................................................................................1727

pkcs12..........................................................................................................................1728

server...........................................................................................................................1730

Sys Crypto FIPs....................................................................................................................1733

by-handle.....................................................................................................................1733

external-hsm................................................................................................................1733

key................................................................................................................................1734

Table of Contents

Sys Daemon Log Settings....................................................................................................1737

clusterd........................................................................................................................1737

csyncd..........................................................................................................................1738

icrd...............................................................................................................................1739

lind...............................................................................................................................1740

mcpd............................................................................................................................1741

tmm..............................................................................................................................1742

Sys Disk.................................................................................................................................1745

application-volume.......................................................................................................1745

directory.......................................................................................................................1746

logical-disk...................................................................................................................1747

Sys File..................................................................................................................................1749

apache-ssl-cert............................................................................................................1749

data-group....................................................................................................................1751

device-capabilities-db...................................................................................................1753

external-monitor...........................................................................................................1755

ifile................................................................................................................................1756

rewrite-rule...................................................................................................................1758

ssl-cert.........................................................................................................................1759

ssl-crl............................................................................................................................1762

ssl-key..........................................................................................................................1763

Sys FPGA..............................................................................................................................1767

firmware-config............................................................................................................1767

info...............................................................................................................................1768

Sys iCall.................................................................................................................................1769

event............................................................................................................................1769

istats-trigger.................................................................................................................1770

publisher.......................................................................................................................1771

script............................................................................................................................1772

Sys iCall Handler..................................................................................................................1775

periodic........................................................................................................................1775

perpetual......................................................................................................................1777

triggered.......................................................................................................................1778

Sys IPFIX...............................................................................................................................1781

destination....................................................................................................................1781

Table of Contents

element........................................................................................................................1781

irules............................................................................................................................1783

Sys Log Config.....................................................................................................................1785

filter..............................................................................................................................1785

publisher.......................................................................................................................1787

Sys Log Config Destination.................................................................................................1789

alertd............................................................................................................................1789

arcsight........................................................................................................................1790

ipfix...............................................................................................................................1792

local-database..............................................................................................................1794

local-syslog..................................................................................................................1795

management-port.........................................................................................................1796

remote-high-speed-log.................................................................................................1798

remote-syslog...............................................................................................................1800

splunk...........................................................................................................................1802

Sys Performance...................................................................................................................1805

all-stats.........................................................................................................................1805

connections..................................................................................................................1806

dnsexpress...................................................................................................................1806

dnssec..........................................................................................................................1807

gtm...............................................................................................................................1808

ramcache.....................................................................................................................1809

system..........................................................................................................................1809

throughput....................................................................................................................1810

Sys Raid.................................................................................................................................1813

array.............................................................................................................................1813

bay...............................................................................................................................1814

disk...............................................................................................................................1815

Sys Sflow...............................................................................................................................1817

receiver........................................................................................................................1817

Sys Sflow Data Source.........................................................................................................1819

http...............................................................................................................................1819

interface.......................................................................................................................1819

system..........................................................................................................................1820

vlan..............................................................................................................................1820

Table of Contents

Sys Sflow Global Settings....................................................................................................1823

http...............................................................................................................................1823

interface.......................................................................................................................1824

system..........................................................................................................................1825

vlan..............................................................................................................................1826

Sys Software.........................................................................................................................1829

block-device-image......................................................................................................1829

block-device-software-hotfix.........................................................................................1831

hotfix............................................................................................................................1833

image...........................................................................................................................1836

signature......................................................................................................................1838

status...........................................................................................................................1839

update..........................................................................................................................1841

update-status...............................................................................................................1842

volume..........................................................................................................................1843

Sys URL DB...........................................................................................................................1847

download-result............................................................................................................1847

download-schedule......................................................................................................1848

url-category..................................................................................................................1849

Util..........................................................................................................................................1853

ccmode.......................................................................................................................1853

diadb...........................................................................................................................1853

dnat.............................................................................................................................1854

finalize-custom-ami......................................................................................................1856

lsndb...........................................................................................................................1857

platform_check.............................................................................................................1859

sipdb...........................................................................................................................1859

ssh-keyswap...............................................................................................................1860

test-monitor..................................................................................................................1861

VCMP.....................................................................................................................................1863

global...........................................................................................................................1863

guest............................................................................................................................1863

traffic-profile.................................................................................................................1868

vdisk.............................................................................................................................1869

virtual-disk....................................................................................................................1870

virtual-disk-template.....................................................................................................1871

VCMP Health.........................................................................................................................1873

Table of Contents

ha-status......................................................................................................................1873

module-provision..........................................................................................................1873

prompt..........................................................................................................................1874

software........................................................................................................................1875

WAM.......................................................................................................................................1877

ad-policy.......................................................................................................................1877

application....................................................................................................................1878

domain-list....................................................................................................................1883

object-type...................................................................................................................1884

policy............................................................................................................................1886

roi-statistics..................................................................................................................1908

WAM Resource......................................................................................................................1909

concat-set....................................................................................................................1909

domain-list....................................................................................................................1910

url.................................................................................................................................1911

WOM.......................................................................................................................................1913

advertised-route...........................................................................................................1913

deduplication................................................................................................................1915

diagnose-conn.............................................................................................................1916

endpoint-discovery.......................................................................................................1916

local-endpoint...............................................................................................................1918

remote-endpoint...........................................................................................................1921

remote-route................................................................................................................1924

server-discovery...........................................................................................................1925

verify-config..................................................................................................................1927

WOM Profile...........................................................................................................................1929

cifs................................................................................................................................1929

isession........................................................................................................................1931

mapi.............................................................................................................................1934

Table of Contents

Legal Notices

Publication Date

This document was published on September 1, 2015.

Publication Number

MAN-0306-10

F5 Networks, Inc. (F5) believes the information it furnishes to be accurate and reliable. However, F5 assumes

no responsibility for the use of this information, nor any infringement of patents or other rights of third

parties which may result from its use. No license is granted by implication or otherwise under any patent,

licenses. F5 reserves the right to change specications at any time without notice.

Trademarks

3DNS, Access Policy Manager, Acopia, Acopia Networks, Advanced Client Authentication, Advanced

Routing, APM, Application Security Manager, ARX, AskF5, ASM, BIG-IP, Cloud Extender, CloudFucious,

CMP, Data Manager, DevCentral, DevCentral [DESIGN], DNS Express, DSC, DSI, Edge Client, Edge

Gateway, Edge Portal, EM, Enterprise Manager, F5, F5 [DESIGN], F5 Management Pack, F5 Networks,

F5 World, Fast Application Proxy, Fast Cache, FirePass, Global Trafc Manager, GTM, IBR, Intelligent

Browser Referencing, Intelligent Compression, IPv6 Gateway, iApps, iControl, iHealth, iQuery, iRules,

iRules OnDemand, iSession, IT agility. Your way., L7 Rate Shaping, LC, Link Controller, Local Trafc

Manager, LTM, Message Security Module, MSM, Netcelera, OneConnect, Packet Velocity, Protocol

Security Module, PSM, Real Trafc Policy Builder, Scale

, SSL Acceleration, StrongBox, SuperVIP, SYN

Check, TCP Express, TDR, TMOS, Trafc Management Operating System, TrafcShield, Transparent

Data Reduction, VIPRION, vCMP, WA, WAN Optimization Manager, WANJet, WebAccelerator, WOM,

and ZoneRunner, are trademarks or service marks of F5 Networks, Inc., in the U.S. and other countries,

and may not be used without F5's express written consent.

All other product and company names herein may be trademarks of their respective owners.

Patents

This product may be protected by one or more patents indicated at:

http://www.f5.com/about/guidelines-policies/patents

Export Regulation Notice

This product may include cryptographic software. Under the Export Administration Act, the United States

government may consider it a criminal offense to export this product from the United States.

RF Interference Warning

This is a Class A product. In a domestic environment this product may cause radio interference, in which

case the user may be required to take adequate measures.

FCC Compliance

This equipment has been tested and found to comply with the limits for a Class A digital device pursuant

to Part 15 of FCC rules. These limits are designed to provide reasonable protection against harmful

interference when the equipment is operated in a commercial environment. This unit generates, uses, and

can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual,

may cause harmful interference to radio communications. Operation of this equipment in a residential area

is likely to cause harmful interference, in which case the user, at his own expense, will be required to take

whatever measures may be required to correct the interference.

Any modications to this device, unless expressly approved by the manufacturer, can void the user's authority

to operate this equipment under part 15 of the FCC rules.

Canadian Regulatory Compliance

This Class A digital apparatus complies with Canadian ICES-003.

Standards Compliance

This product conforms to the IEC, European Union, ANSI/UL and Canadian CSA standards applicable to

Information Technology products at the time of manufacture.

Legal notices

Publication Date

This document was published on September 1, 2015.

Publication Number

MAN-0306-10

F5 Networks, Inc. (F5) believes the information it furnishes to be accurate and reliable. However, F5 assumes

no responsibility for the use of this information, nor any infringement of patents or other rights of third

parties which may result from its use. No license is granted by implication or otherwise under any patent,

licenses. F5 reserves the right to change specications at any time without notice.

Trademarks

AAM, Access Policy Manager, Advanced Client Authentication, Advanced Firewall Manager, Advanced

Routing, AFM, APM, Application Acceleration Manager, Application Security Manager, AskF5, ASM,

BIG-IP, BIG-IP EDGE GATEWAY, BIG-IQ, Cloud Extender, Cloud Manager, CloudFucious, Clustered

Multiprocessing, CMP, COHESION, Data Manager, DDoS Frontline, DDoS SWAT, Defense.Net, defense.net

[DESIGN], DevCentral, DevCentral [DESIGN], DNS Express, DSC, DSI, Edge Client, Edge Gateway,

Edge Mobile, Edge Mobility, Edge Portal, ELEVATE, EM, ENGAGE, Enterprise Manager, F5, F5

[DESIGN], F5 Agility, F5 Certied [DESIGN], F5 Networks, F5 SalesXchange [DESIGN], F5 Synthesis,

f5 Synthesis, F5 Synthesis [DESIGN], F5 TechXchange [DESIGN], Fast Application Proxy, Fast Cache,

FCINCO, Global Trafc Manager, GTM, GUARDIAN, iApps, IBR, iCall, iControl, iHealth, Intelligent

Browser Referencing, Intelligent Compression, IPv6 Gateway, iQuery, iRules, iRules OnDemand, iSession,

L7 Rate Shaping, LC, Link Controller, LineRate, LineRate Point, LineRate Precision, LineRate Systems

Legal Notices

[DESIGN], Local Trafc Manager, LROS, LTM, Message Security Manager, MobileSafe, MSM,

OneConnect, Packet Velocity, PEM, Policy Enforcement Manager, Protocol Security Manager, PSM, Ready

Defense, Real Trafc Policy Builder, SalesXchange, ScaleN, SDAS (except in Japan), SDC, Signalling

Delivery Controller, Solutions for an application world, Software Designed Application Services, Silverline,

SSL Acceleration, SSL Everywhere, StrongBox, SuperVIP, SYN Check, SYNTHESIS, TCP Express, TDR,

TechXchange, TMOS, TotALL, TDR, TMOS, Trafc Management Operating System, Trafx, Trafx

[DESIGN], Transparent Data Reduction, UNITY, VAULT, vCMP, VE F5 [DESIGN], Versafe, Versafe

[DESIGN], VIPRION, Virtual Clustered Multiprocessing, WebSafe, and ZoneRunner, are trademarks or

service marks of F5 Networks, Inc., in the U.S. and other countries, and may not be used without F5's

express written consent.

All other product and company names herein may be trademarks of their respective owners.

Patents

This product may be protected by one or more patents indicated at: https://f5.com/about-us/policies/patents