Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

AldoSergio's avatar
AldoSergio
Icon for Nimbostratus rankNimbostratus
Mar 18, 2026

F5 rate limiting with Irule

Hello, I need to rate limit 2req/s on some specific url with irule. my F5 is behind a proxy, so i need to get client ip address with x-forwarded-for. can you share with me some irule? Best regards
security
Injeyan_Kostas's avatar
Injeyan_Kostas
Icon for MVP rankMVP
Mar 19, 2026

Hello AldoSergio​ 

you could try this

when HTTP_REQUEST 
{
    set xff [HTTP::header "X-Forwarded-For"]
    
    if { $xff ne "" } 
	{
        set client_ip [lindex [split $xff ","] 0]
        set client_ip [string trim $client_ip]
    } 
	else 
	{
        set client_ip [IP::client_addr]
    }

    if { [HTTP::uri] starts_with "/your/protected/path" } 
	{
        set key "ratelimit_${client_ip}"
        set rate_limit 2
        set window 1

        set req_count [table lookup -notouch $key]

        if { $req_count eq "" } 
		{
            table set $key 1 $window $window
        } 
		elseif { $req_count < $rate_limit } 
		{
            table incr -notouch $key
        } 
		else 
		{
            HTTP::respond 429 content {
                <html><body><h1>429 Too Many Requests</h1>
                <p>Rate limit exceeded. Please slow down.</p></body></html>
            } "Content-Type" "text/html" \
              "Retry-After" "1"
            return
        }
    }
}