Forum Discussion
Greenberg
Nimbostratus
NimbostratusiRule to Limit Connections from Source IP to Destination IP
Guys,
Novice to iRules brings himself before you.
I've been given a requirement to Limit the number of Connections from a number of Source Hosts to a Destination.
This ...
GreenbergNimbostratus
NimbostratusThe iRule I posted last stopped all Traffic to the Virtual. So I went back to the Drawing Board:-
when RULE_INIT {
Set a global max for number of concurrent TCP connections
set ::max_connections 25
Print debug messages to /var/log/ltm? 1=yes, 0=no
set ::debug 1
Initialize a counter for active connections (don't modify this)
set ::active_connections 0
Log local identifying start
log local0. "rule session_limit initialized: total/max: $::total_active_clients/$::max_active_clients"
}
when HTTP_REQUEST {
if the HTTP Request contains the specified URI String
if { [HTTP::uri] contains "URI" } {
if we are over the limit for the connection, redirect
if { not [HTTP::cookie exists "inpicheckout"] and $::active_connections > $::max_connections} {
redirect
HTTP::redirect "http://www.sorry.com"
Close the connection
TCP::close
Log a message to /var/log/ltm
if {$::debug}{log local0. "Over limit (current/max: $::active_connections/$::max_connections). Closing to [IP::client_addr]"}
Increment the TCP connection count.
incr ::active_connections 1
}
}
when CLIENT_CLOSED {
A connection was closed, so decrement the global counter
incr ::active_connections -1
if the Active Connections are less than 0 then reset to 0
if { $::active_connections <= 0 } { set ::active_connections 0 }
Log a message to /var/log/ltm
if {$::debug}{log local0. "Connection closing to [IP::client_addr]"
}
}
Any thoughts :S
