How to Create Application Firewall Policy for Chunk Requests to Bypass Application Firewall on Citrix ADC 8.1-9.3

How to Create Application Firewall Policy for Chunk Requests to Bypass Application Firewall on Citrix ADC 8.1-9.3

book

Article ID: CTX138488

calendar_today

Updated On:

Description

This article describes how to create application firewall policy for chunk requests to bypass Application Firewall module.

Background

In NetScaler software release 8.1 to 9.3 the Application Firewall module does not support chunked request. As a workaround you can create an Application Firewall bypass policy to bypass the Application Firewall module without disabling the Application Firewall feature.

Instructions

To add an Application Firewall bypass policy, complete the following procedure:

  1. Expand the Application Firewall node in the Configuration Utility.

  2. Expand the Policy node.

  3. Select Firewall.

  4. Click Add to add a policy, as shown in the following screen shot:

    User-added image

Run the following command from the command line interface of the appliance to add an Application Firewall bypass policy:

add appfw policy bypass_chunked_req "HTTP.REQ.HEADER(\"Content-Type\").CONTAINS(\"multipart\") && HTTP.REQ.HEADER(\"Transfer-Encoding\").CONTAINS(\"chunked\")" APPFW_BYPASS

User-added image

Issue/Introduction

This article describes how to create Application Firewall policy for chunk requests to bypass Application Firewall module.

Additional Information

Starting NetScaler software release 10, chunk request handling for Application Firewall is implemented:

Citrix Documentation - NetScaler 10

Powered by Wolken Software