For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

spalande's avatar
spalande
Icon for Nacreous rankNacreous
Dec 13, 2013

iRule to allow only POST method

I'm using iRule from wiki page where need to throttle http requests also need to allow only POST requests, others should be dropped. throttling works great but having issue with dropping other http m...
application delivery
devops
iRules
IheartF5_45022's avatar
IheartF5_45022
Icon for Nacreous rankNacreous
Dec 16, 2013

Try this;

when RULE_INIT {
    set static::maxRate 10
    set static::windowSecs 3
    set static::timeout 30
}
when HTTP_REQUEST {
    set method [HTTP::method]
    log local0. "http request is of $method"
    if { $method eq "POST" } {
        set postCount [table key -count -subtable [IP::client_addr]]
        log local0. "postCount=$postCount"
        if { $postCount < $static::maxRate } {
            incr postCount 1
            table set -subtable [IP::client_addr] [expr {int (rand() * 10000)}] "ignore" $static::timeout $static::windowSecs
            return
        } else {
            log local0. "This user $user has exceeded the number of requests allowed."
            HTTP::respond 501 noserver Content "Request blockedExceeded requests/sec limit." Retry-After [expr {int (rand() * 100)}]
            return
        } 
    } else {
         Return "Method not allowed"
        HTTP::respond 405 noserver
        return
    }
}