aFleX Tutorial: Scripting Tool for Thunder Products

What is aFlex?

aFleX is a scripting tool that is built into the Thunder Application Delivery Controller (ADC). aFleX is based on a standard scripting language, TCL, enabling the load balancer to perform Layer 7 deep-packet inspection (DPI). Information in the header or data portion of the packet can then be erased, changed or manipulated as needed, or the packet can be dropped or redirected based on the information.

Introduction to aFlex Scripting

Advantages of using aFleX

aFleX policies allow you to exercise more granular control of packet inspection and traffic load balancing. The benefits can be, but are not limited to:

Elements of an aFleX script

Events

Operators

aFleX commands

Note: aFleX is extensible. In future Thunder software releases, additional aFleX events and aFleX commands will be added.

The list of supported Events, Operators, and Commands is available in the Thunder Series aFleX Reference.


aFleX configuration

aFleX configuration is done in 2 steps:

  1. Place the aFleX script on the Thunder device.
    • Using the CLI
      • Use a computer with any text editor to write an aFleX script and save it as a file.
      • Use the import aflex command to import the aFleX file from the computer to the Thunder device.
      • aFleX CLI syntax check: aflex check script-name
    • Using the WebUI
      • With the Thunder’s web interface, you can directly type in aFleX scripts and save them on the Thunder device. In the Thunder WebUI, navigate to Config Mode > Service > aFleX.
    • Using the aFleX Editor
      • The aFleX Editor is a separate PC application you can use to download/upload aFleX scripts from/to the Thunder device. Moreover, the aFleX Editor can do syntax checking. As an editor, it also has syntax highlighting, keyword auto-completion, etc.
  2. Assign the aFleX script to VIP port
    • Using the WebUI: Config Mode > Service > SLB > Virtual Server > Port
    • CLI:
      Thunder(config)# slb virtual-server name [ipaddr]
      Thunder(config-slb vserver)# port N tcp
      Thunder(config-slb vserver-vport)# aflex script-name

aFleX statistics are available in the WebUI or CLI:

script-name

|

June 14, 2018

About Paul Nicholson

Paul Nicholson brings 24 years of experience working with Internet and security companies in the U.S. and U.K. In his current position, Nicholson is responsible for global product marketing and strategy at San Jose, Calif.-based application networking and security leader A10 Networks. Prior to A10 Networks, Nicholson held various technical and management positions at Intel, Pandesic (the Internet company from Intel and SAP), Secure Computing, and various security start-ups. READ MORE