Forum Discussion
rajeshramhit_11
Sep 14, 2012 Nimbostratus
irule optimization suggestions required - ver 10.2.2 table commands - Dynamic rate limiting - for content blocking from source IP for particular path
Hi All,
Thanks to all of you who have been very active on these forums and providing solutions to F5 iRule coders.
I have been one of the beneficiaries of this and it has been great so far :)
After learning table commands post upgrade of our LTM to 10.2.2, I have been tasked to rate limit source IPs based on HTTP::path and provide a handle to the NOC team to clear those blocks manually.
I have been able to create the same with the code below.
Need to know if this is the best way to do this or if there is any optimization possible to save F5 CPU cycles.
All help and suggestions would be greatly appreciated. Hope this code also helps someone else out there in a similar situation.
Best Regards
Rajesh Tripathi
+919833891119
=========================================================
when RULE_INIT {
    # Sliding window length (seconds), hits allowed per window, block duration (seconds)
    set static::windowSecs 10
    set static::maxquery 10
    set static::holdtime 600
}
when HTTP_REQUEST {
    switch [string tolower [HTTP::path]] {
        "/linkadmin" {
            # Block-list page for the NOC team. The HTML tags did not survive in the
            # post as shown here, so the markup is a minimal reconstruction around the
            # original text; the clear link target is inferred from the /cleardata branch.
            set response "<html><head><title>Block List Tracking - [clock format [clock seconds]]</title></head><body>"
            append response "<h1>Blocked List Tracking</h1><br />[clock format [clock seconds]]<br />"
            append response "<table><tr><th>Sr No.</th><th>IP : Http Path - Status</th><th>Manual Clear</th></tr>"
            set i 0
            foreach key [table keys -subtable "blacklist"] {
                incr i
                table add -subtable "cleardata" $key "blocked"
                set status [table lookup -subtable "blacklist" $key]
                append response "<tr><td>$i</td><td>$key $status</td><td><a href=\"/cleardata?$key\">Clear</a></td></tr>"
            }
            append response "</table></body></html>"
            HTTP::respond 200 content $response "Content-Type" "text/html" "Cache-Control" "no-cache, must-revalidate"
        }
        "/cleardata" {
            # The query string is the blacklist key to remove
            set clear [HTTP::query]
            log local0. "clear query string $clear"
            table delete -subtable "blacklist" $clear
            log local0. "executed clear command"
            HTTP::redirect "http://[HTTP::host]/linkadmin"
        }
        default {
            set srcip [IP::remote_addr]
            set reqPATH [HTTP::path]
            if { [table lookup -subtable "blacklist" $srcip:$reqPATH] != "" } {
                log local0. "Blocked IP: $srcip"
                HTTP::respond 200 content "Blocked Src IPBlocked for this IP $srcip and path - $reqPATH " "Content-Type" "text/html"
            } else {
                # One subtable entry per request; each entry expires after windowSecs,
                # so the number of keys is the hit count inside the window
                set key "req:$srcip:$reqPATH"
                set reqnum [table incr "req:$srcip:$reqPATH"]
                set tbl "hitcount:$srcip:$reqPATH"
                table set -subtable $tbl $reqnum "ignored" indef $static::windowSecs
                if { [table keys -subtable $tbl -count] > $static::maxquery } {
                    table add -subtable "blacklist" $srcip:$reqPATH "blocked" indef $static::holdtime
                    set counter [table keys -subtable $tbl -count]
                    log local0. "Adding Requested Source IP to blocked list after $counter hits and deleting the subtable key $key and value of tabl $tbl"
                    table delete $key
                    HTTP::redirect "http://[HTTP::host][HTTP::uri]"
                    return
                } else {
                    set reqnumber [table keys -subtable $tbl -count]
                    pool dr_tcsion
                    log local0. "Allowed request count number - $reqnumber from $srcip for path $reqPATH and reqnum is $reqnum "
                }
            }
        }
    }
}
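
A leaner variant of the limiter posted above, added here as an example and not the poster's code: it counts the window once, logs only when a block is created, keys on the lower-cased path, and answers /linkadmin and /cleardata only for an assumed NOC source range. `static::adminNet`, its 192.0.2.0/24 value and the local variable names are assumptions; the pool name and the three timers come from the post.

```tcl
when RULE_INIT {
    set static::windowSecs 10
    set static::maxquery 10
    set static::holdtime 600
    # Assumption: placeholder range standing in for the NOC workstations
    set static::adminNet "192.0.2.0/24"
}
when HTTP_REQUEST {
    # Normalise once so /Path and /path share one counter and one block entry
    set path [string tolower [HTTP::path]]
    set srcip [IP::client_addr]
    if { $path eq "/linkadmin" || $path eq "/cleardata" } {
        # The block list and its clear handle answer only to the NOC range
        if { ![IP::addr $srcip equals $static::adminNet] } {
            HTTP::respond 403 content "Forbidden"
            return
        }
        if { $path eq "/cleardata" } {
            table delete -subtable "blacklist" [URI::decode [HTTP::query]]
            HTTP::redirect "http://[HTTP::host]/linkadmin"
            return
        }
        set rows ""
        foreach key [table keys -subtable "blacklist"] {
            # Keys embed client-supplied paths: escape for display, encode for the link
            set shown [string map {& &amp; < &lt; > &gt;} $key]
            append rows "<tr><td>$shown</td><td><a href=\"/cleardata?[URI::encode $key]\">clear</a></td></tr>"
        }
        HTTP::respond 200 content "<html><body><table>$rows</table></body></html>" "Content-Type" "text/html" "Cache-Control" "no-cache, must-revalidate"
        return
    }
    set id "$srcip:$path"
    if { [table lookup -notouch -subtable "blacklist" $id] ne "" } {
        HTTP::respond 200 content "Blocked for $srcip" "Content-Type" "text/plain"
        return
    }
    set tbl "hitcount:$id"
    table set -subtable $tbl [table incr "req:$id"] "ignored" indef $static::windowSecs
    # Count the window once and reuse the value
    set hits [table keys -subtable $tbl -count]
    if { $hits > $static::maxquery } {
        table add -subtable "blacklist" $id "blocked" indef $static::holdtime
        table delete "req:$id"
        log local0. "Blocked $id after $hits hits"
        HTTP::respond 200 content "Blocked for $srcip" "Content-Type" "text/plain"
        return
    }
    pool dr_tcsion
}
```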