Forum Discussion

kishanw_51248
Jun 13, 2012

iRule to limit Sessions to Access Policy Manager based on Client IP

Hi,

We just discovered a vulnerability on our APM. A port scan was causing an alarm - Global concurrent access session limit reached.

When this happens, legitimate users are unable to login through the F5 device as the max session limit is reached. We have tried setting the "Max Sessions Per User" to "2" under access profile (Version 10.2.3 HF1), but this does not have an impact.

Hence, the box is susceptible to DoS. Unfortunately we are unable to upgrade to v11.2 HF1 at this point in time.

I want to develop an iRule to limit the number of sessions a client IP is able to establish to the box. Has anyone encountered this problem? If anyone has built an iRule that can do this job, appreciate if you can let me know.

Thanks very much!


  • Hi kishanw,

    Another user had a similar problem in this thread: Limit Client Connections with Table. They included the iRule that they are using as well, which you should be able to use since you are in v10.x.x.

    You may want to read up more on the Table command as well.

    Hope this helps.
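
A sketch of the per-client-IP limit discussed in this thread, built on the table command. This is an added example, not the iRule from the linked thread and not code posted by either participant. It caps concurrent TCP connections per source address rather than counting APM sessions directly, and the limit, timeouts and subtable prefix are assumed values to tune.

```tcl
# Added example: cap concurrent connections per client IP with a session subtable.
# max_conns, idle_secs, the 60 s refresh and the "connlimit:" prefix are assumptions.
when CLIENT_ACCEPTED {
    set max_conns 10     ;# assumed ceiling per source address
    set idle_secs 180    ;# entry expires on its own if it is never refreshed

    # One subtable per client IP, one key per open connection (the source port).
    set tbl "connlimit:[IP::client_addr]"
    set key "[TCP::client_port]"

    # The count/set pair is not atomic, so the ceiling is approximate under a burst.
    if { [table keys -subtable $tbl -count] >= $max_conns } {
        reject
        return
    }

    table set -subtable $tbl $key 1 $idle_secs

    # A lookup resets the entry's timeout, so long-lived connections stay counted.
    set timer [after 60000 -periodic { table lookup -subtable $tbl $key }]
}

when CLIENT_CLOSED {
    # A rejected connection never created a timer or a table entry.
    if { [info exists timer] } {
        after cancel $timer
        table delete -subtable $tbl $key
    }
}
```

Clients behind a shared NAT address count as one source, so the ceiling has to allow for the largest legitimate group behind a single IP.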