Forum Discussion

midhun_108442's avatar
midhun_108442
Icon for Nimbostratus rankNimbostratus
Jan 21, 2012

Help need to create a irule for limit Client Connection

Hi,     Can anyone help us to create a irule to limit number of client connection hitting to Virtual server , I got the same irule scenario in Dev central site for (iRule.Limit Connection from C...
application delivery
dev
devops
iRules
Thomas_Heloin_3's avatar
Thomas_Heloin_3
Historic F5 Account
Jan 23, 2012
Hello,

You might want to try this.

I had the same question today through support. Once you are happy with your testing, you can make it more efficient by removing the log and else statement 



when CLIENT_ACCEPTED {
if { [table incr [IP::client_addr]] > [class match [IP::client_addr] equals conn_limit] } {
log local0. "counter: [table lookup [IP::client_addr]]"
table incr [IP::client_addr] -1
TCP::close

 Tested in v11.1 HF1, TMM is not stable when doing TCP::close and table manipulation in CLIENT_CLOSED event
 This solution appears more stable, no guarantees however.
event CLIENT_CLOSED disable
} else {
log local0. "counter: [table lookup [IP::client_addr]]"
}
}

when CLIENT_CLOSED {
table incr [IP::client_addr] -1
log local0. "counter: [table lookup [IP::client_addr]]"
}

The Data Group looks like this;

class conn_limit {

network 172.0.0.0/8 { "2" }

}

Thomas