For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

engtmk's avatar
engtmk
Icon for Nimbostratus rankNimbostratus
Dec 27, 2007

bigip1 panic: unable to alloc 4194304 bytes

I found this error in my LTM log, when I asked the support he said:     that TCL was trying to resize the ::users array (internal hash table) with an index of "time,200.35.63.129", and it crosse...
application delivery
dev
devops
iRules
engtmk's avatar
engtmk
Icon for Nimbostratus rankNimbostratus
Jan 15, 2008
The irule is not working

 

 

an't use empty string as operand of "-" while executing "expr { $now - $usertime } "

 

 

when I log usertime it sometimes returrns nothing

 

 

and also the increment I dont think it save

 

 

here is the irule

 

 

when RULE_INIT {

 

set ::maxconnect 80

 

set ::blocktime 120

 

array set ::users { }

 

array set ::spammers { }

 

}

 

when CLIENT_ACCEPTED {

 

set clientip [IP::remote_addr]

 

log local0. "the client ip is $clientip"

 

if { [matchclass [IP::remote_addr] equals $::smtp_whitelist ] } {

 

Accept unlimited connections from the whitelist users

 

return

 

}

 

 

set now [clock second]

 

if { [ info exists ::spammers($clientip) ] } {

 

if { $::blocktime > [expr { $now - $::spammers($clientip) }] } {

 

the user tries to connect in the blocktime period

 

set ::spammers($clientip) $now

 

TCP::respond "550 Message Rejected - Too Much spam/r/n"

 

log local0. "The user tries to send while in the block period - $clientip"

 

drop

 

return

 

}

 

else {

 

the timeout has expired free the user from the list

 

unset ::spammers($clientip)

 

log local0. "The user has been removed from the list - $clientip"

 

}

 

}

 

if { [info exists ::users($clientip)] } {

 

set usertime [getfield $::users($clientip) ":" 2]

 

log local0. "the user time is $usertime"

 

if { [expr { $now - $usertime } ] > $::blocktime } {

 

the last connection was before the timeout period

 

set ::users($clientip) "1:$now"

 

return

 

}

 

else {

 

the connection was in the timeout

 

set t [getfield $::users($clientip) ":" 1]

 

set ::users($clientip) "[incr [getfield $::users($clientip) ":" 1]]:$now"

 

log local0. "the user - $clientip - has been connected $t times before"

 

incr t

 

set ::users($clientip) "$t,$now"

 

log local0. "the user - $clientip - has been connected $t times after"

 

if { [getfield $::users($clientip) ":" 1] > $::maxconnect } {

 

the user has exceeded the max no of connections

 

add him to the spam list

 

set ::spammers($clientip) $now

 

set ::users($clientip) "1:$now"

 

TCP::respond "550 Message Rejected - Too much spam\r\n"

 

log local0. "this user has started spamming us $clientip "

 

 

drop

 

return

 

}

 

}

 

 

} else {

 

new client

 

set ::users($clientip) "1:$now"

 

set ::users(nb,$clientip) 1

 

set ::users(time,$clientip) $now

 

log local0. "this is user has just connected - $clientip"

 

}

 

 

}