Custom dynamic signature
We have a problem with a few clients that, from time to time, spamming us with specific parameter in the body.
For example, regular traffic is 10 TPS of parameter ABC, and sometimes those requests could be X100 more.
I'm looking for a mechanism to mitigate those problematic requests when they occur.
Is it possible to use the BADoS tool with a dynamic custom signature option?
When some of the clients are spamming us by IP with parameter Y in the body, enforce the dynamic signature (automatic or manually)
This should allow me to block only the spam amount of the requests with this parameter from a specific IP and to not affect other clients' legitimate requests.
But I can see only an option for 'Headers' in dynamic custom signature configurations.
Is there an option to check the body?
Is there any other solution that can match my problem? iRule?
I appreciate your help!