Forum Discussion

midhun_108442's avatar
midhun_108442
Icon for Nimbostratus rankNimbostratus
Jan 21, 2012

Help need to create a irule for limit Client Connection

Hi,     Can anyone help us to create a irule to limit number of client connection hitting to Virtual server , I got the same irule scenario in Dev central site for (iRule.Limit Connection from C...
application delivery
dev
devops
iRules
hooleylist's avatar
hooleylist
Icon for Cirrostratus rankCirrostratus
Jan 21, 2012
Hi Midhun,

Which LTM version are you running? Which iRule did you try? Do you want to limit each client to X TCP connections to a virtual server?

If you're on 10.1 or higher, can you try this iRule? 


 From http://devcentral.f5.com/wiki/iRules.table.ashx
 Limit each client IP address to 20 concurrent connections
when CLIENT_ACCEPTED {

    Set a subtable name with a standard prefix and the client IP
   set tbl "connlimit:[IP::client_addr]"

    Use a key of the client IP:port
   set key "[IP::client_addr][TCP::client_port]"

    Check if the subtable has over 20 entries
   if { [table keys -subtable $tbl -count] > 20 } {
      reject
   } else {

       Add the client IP:port to the client IP-specific subtable 
         with a max lifetime of 180 seconds
      table set -subtable $tbl $key "ignored" 180
   }
}

when CLIENT_CLOSED {
    When the client connection is closed, remove the table entry
   table delete -subtable $tbl $key
}

Aaron