Forum Discussion
Sequaja_338277
Nimbostratus
NimbostratusiRule with Client Detection
Hi guys,
I have a question regarding an iRule which should work as an BFP.
I want to create an iRule which works as an BFP and identifies the user by three parameters:
1) IP_Address
2)...
Sequaja_338277Nimbostratus
NimbostratusMy Code right now:
when RULE_INIT {
set static::maxloginfailures 10
set static::bantime 200
set static::blacklist_tab "IPBlacklist"
set static::userfail_tab "LoginFailures"
}
when CLIENT_ACCEPTED {
set clientip [IP::client_addr]
set client_UserAgent [ACCESS::session data get session.user.agent]
set client_Platform [ACCESS::session data get session.client.platform]
if { [table lookup -subtable $static::blacklist_tab $clientip] == 1 } {
reject
return
} }
when AUTH_FAILURE {
if {[table lookup -subtable $static::userfail_tab $clientip] > $static::maxloginfailures} then {
table set -subtable $static::blacklist_tab $clientip 0 indef $static::bantime
table delete -subtable $static::userfail_tab $clientip
}
if { [table lookup -subtable $static::userfail_tab $clientip] != 1 } then {
table set -subtable $static::userfail_tab $clientip 0 indef indef
} else {
table incr -subtable $static::userfail_tab $clientip
}
}
when AUTH_Success {
table delete -subtable $static::userfail_tab $clientip
}