Introduction to the Rules Engine

Peakhour's Rules Engine allows you to customize the behavior of the Peakhour service at various stages of the request and response lifecycle. Rules are built using the powerful Wirefilter syntax to create precise conditions for your policies.

Phases of Rule Processing

Peakhour processes rules in a specific order, known as phases. This allows you to apply logic at the exact moment it's needed.

For a detailed explanation of each phase, see the Rules Phases Reference.

For a visual representation of the processing order, see the Phase Flow Diagram.

The Wirefilter Language

The expression language used in Peakhour's rules is based on Wirefilter. It provides a rich set of fields, operators, and functions to build your conditions.

• Fields: Access data from the request and response, such as ip.src or http.request.uri.path. See the Fields Reference.
• Operators: Perform comparisons and logical operations, like eq, contains, and, or.
• Functions: Manipulate data within your expressions, such as lower() or len().

For a complete guide to the syntax, see the Wirefilter Language Reference.

Using Rule Lists

Rule Lists are reusable collections of data (like IP addresses or strings) that you can reference in your rules. This makes your configuration cleaner, more scalable, and easier to maintain.

The in operator is used to check if a field's value is present in one of your lists.

Example:

// This rule checks if the source IP is in your 'trusted_ips' list.
ip.src in $trusted_ips

For more information, see the How to Manage Rule Lists Guide.