Forum Discussion
midhun_108442
Jan 21, 2012Nimbostratus
Help need to create a irule for limit Client Connection
Hi,
Can anyone help us to create a irule to limit number of client connection hitting to Virtual server , I got the same irule scenario in Dev central site for (iRule.Limit Connection from C...
Thomas_Heloin_3
Jan 23, 2012Historic F5 Account
Hello,
You might want to try this.
I had the same question today through support. Once you are happy with your testing, you can make it more efficient by removing the log and else statement
when CLIENT_ACCEPTED {
if { [table incr [IP::client_addr]] > [class match [IP::client_addr] equals conn_limit] } {
log local0. "counter: [table lookup [IP::client_addr]]"
table incr [IP::client_addr] -1
TCP::close
Tested in v11.1 HF1, TMM is not stable when doing TCP::close and table manipulation in CLIENT_CLOSED event
This solution appears more stable, no guarantees however.
event CLIENT_CLOSED disable
} else {
log local0. "counter: [table lookup [IP::client_addr]]"
}
}
when CLIENT_CLOSED {
table incr [IP::client_addr] -1
log local0. "counter: [table lookup [IP::client_addr]]"
}
The Data Group looks like this;
class conn_limit {
network 172.0.0.0/8 { "2" }
}
Thomas
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects