Mohanad
Jun 19, 2023Cirrostratus
iRule for limiting concurrent sessions to VS
Hello everyone,
i'm looking for iRule for limiting concurrent sessions.
when the sessions has reached the maximum (10,000), new sessions will be droped if the mobile app trying to connect to this uri (/v1/healthCheck), i found 2 iRules, but i want to combine them to achieve the required actions
as far i understand the below irule working on layer4
when CLIENT_ACCEPTED {
set tbl "connlimit:[IP::client_addr]"
set key "[TCP::client_port]"
if { [table keys -subtable $tbl -count] > 1000 } {
event CLIENT_CLOSED disable
reject
} else {
table set -subtable $tbl $key "ignored" 180
set timer [after 60000 -periodic { table lookup -subtable $tbl $key }]
}
}
when CLIENT_CLOSED {
after cancel $timer
table delete -subtable $tbl $key
}
and this one on layer 7
when HTTP_REQUEST {
if {[HTTP::uri] contains "/v1/healthCheck"} {
HTTP::respond 404 content "Maximum concurrent sessions limit reached"
drop
}
}
Thank you.