The following command enables WAF (intercept parameter) on the 20.200.25.200 Virtual Service:

curl -k https://bal:1fourall@20.200.25.100/access/modvs?vs=20.200.25.200&port=80&prot=tcp&intercept=Y

Response: 

<Response stat="200" code="ok">
<Success>
<Data>
<Status>Down</Status>
<Index>2</Index>
<VSAddress>20.200.25.200</VSAddress>
<VSPort>80</VSPort>
<NickName>newname</NickName>
<Enable>Y</Enable>
<SSLReverse>N</SSLReverse>
<SSLReencrypt>N</SSLReencrypt>

<Intercept>Y</Intercept>

<InterceptOpts>
<Opt>opnormal</Opt>
<Opt>auditnone</Opt>
<Opt>reqdatadisable</Opt>
<Opt>resdatadisable</Opt>
</InterceptOpts>
<AlertThreshold>0</AlertThreshold>
<Transactionlimit>0</Transactionlimit>
<Transparent>Y</Transparent>
<ServerInit>0</ServerInit>
<StartTLSMode>0</StartTLSMode>
<Idletime>0</Idletime>
<Cache>N</Cache>
<Compress>N</Compress>
<Verify>0</Verify>
<UseforSnat>N</UseforSnat>
<ForceL7>Y</ForceL7>
<ClientCert>0</ClientCert>
<ErrorCode>0</ErrorCode>
<CheckUse1.1>N</CheckUse1.1>
<MatchLen>0</MatchLen>
<CheckUseGet>0</CheckUseGet>
<SSLRewrite>0</SSLRewrite>
<VStype>http</VStype>
<FollowVSID>0</FollowVSID>
<Protocol>tcp</Protocol>
<Schedule>rr</Schedule>
<CheckType>http</CheckType>
<PersistTimeout>0</PersistTimeout>
<CheckPort>0</CheckPort>
<NRules>0</NRules>
<NRequestRules>0</NRequestRules>
<NResponseRules>0</NResponseRules>
<NPreProcessRules>0</NPreProcessRules>
<EspEnabled>N</EspEnabled>
<InputAuthMode>0</InputAuthMode>
<OutputAuthMode>0</OutputAuthMode>
<MasterVS>0</MasterVS>
<MasterVSID>0</MasterVSID>
<AddVia>0</AddVia>
<TlsType>N</TlsType>
<NeedHostName>N</NeedHostName>
<OCSPVerify>N</OCSPVerify>
<NumberOfRSs>0</NumberOfRSs>
</Data>
</Success>
</Response>