Forum Discussion

ryuusei_80455's avatar
ryuusei_80455
Icon for Nimbostratus rankNimbostratus
Oct 06, 2010

iRule for URL base tcp connection limit

Hi I'm writing a URL base tcp connection limit rule.

 

 

 

For capacity of back-end legacy system,

 

Need to limit the http request at same time.

 

 

 

Any comments or suggestions would be appriciated.

 

 

 

--

 

 

 

when RULE_INIT {

 

 

 

The maximum number of TCP connections to the virtual server

 

set ::max_connections 10

 

 

 

Clear the array of clients

 

array set ::active_clients { }

 

 

 

Set an HTML response to sent to clients who make a request while the VIP is over the max connection

 

set ::html_content "over limit"

 

 

 

}

 

 

 

when HTTP_REQUEST {

 

 

 

log local0. "\$::active_clients: [array get ::active_clients] (size: [array size ::active_clients])"

 

 

 

if { [HTTP::path] ends_with "LIMIT URL" } {

 

 

 

Check if client is already over the maximum

 

if { [array size ::active_clients] > $::max_connections } {

 

 

 

log local0. "Limited connection from [IP::client_addr]:[TCP::client_port] (size: [array size ::active_clients])"

 

 

 

Send a response

 

HTTP::respond 200 content $::html_content

 

 

 

Close the connection

 

TCP::close

 

}

 

set ::active_clients([IP::client_addr]:[TCP::client_port]) 1

 

} else {

 

if { [info exists ::active_clients([IP::client_addr]:[TCP::client_port])]} {

 

Clear the array element

 

unset ::active_clients([IP::client_addr]:[TCP::client_port])

 

}

 

}

 

 

 

}

 

 

 

when HTTP_RESPONSE {

 

 

 

Check if the client is in the array

 

if { [info exists ::active_clients([IP::client_addr]:[TCP::client_port])]} {

 

Clear the array element

 

unset ::active_clients([IP::client_addr]:[TCP::client_port])

 

}

 

 

 

}

 

 

 

when CLIENT_CLOSED {

 

 

 

Check if the client is in the array

 

if { [info exists ::active_clients([IP::client_addr]:[TCP::client_port])]} {

 

Clear the array element

 

unset ::active_clients([IP::client_addr]:[TCP::client_port])

 

}

 

 

 

}

 

 

 

 

 

 

--

 

 

 

 

 

No RepliesBe the first to reply