complicated connection over time irule

Question

I need to write an irule for use with a single virtual server redirecting traffic to a specific pool based on URI to control traffic in the following ways:
1. limit any public ip addresses to a max of accessing 2 connections per minute with a total of 10 unique connections in one day.
2. Any per ip access attempts more than 3 requests in 10 seconds be black listed.
3. log the above ip addresses in a table allowing admin review and entry removal.&nbsp;
I have been looking through articles and think I have other sources but have not yet had a window to try it in the lab. Any suggestions or links to other articles are greatly appreciated.&nbsp;
only LTM is running on the appliances, TMOS is 11.2&nbsp;

the_bhattman · Answer

Here are some posts that can give you some ideas how to write up the rile you need&nbsp;
https://devcentral.f5.com/questions/randomly-unpredictable-rate-limiting-using-the-irule-irulesvirtual_server_connection_rate_limit_with_tablesashx&nbsp;
https://devcentral.f5.com/articles/v101-irules-rate-limiting-with-the-table-command&nbsp;
https://devcentral.f5.com/wiki/iRules.HTTP-URI-Request-Limiter.ashx?NoRedirect=1&amp;NS=iRules&nbsp;
I hope this helps,&nbsp;
-=Bhattman=-&nbsp;

Forum Discussion

complicated connection over time irule

1 Reply

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5OS login with admin/root failed via console

TLS handshake failure from BIG-IP to backend – Fatal Alert: Decode Error (Server SSL)

Unblock Request WAF

Share what you learned on DevCentral in 2025

Failing over Virtual F5 VE to DR location using Zerto

Related Content

Advanced iRules: Sideband Connections

iRules LX Sideband Connection

iRules LX Sideband Connection - Handling timeouts

Site-to-Site Connectivity in F5 Distributed Cloud Network Connect – Reference Architecture

F5 Distributed Cloud Kubernetes Integration: Securing Services with Direct Pod Connectivity

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS