Limit HTTP Request on LTM

Hello.

You can use this approach replacing those global variables by table variables (for being CMP compatible).

https://devcentral.f5.com/s/articles/http-session-limit-1

https://clouddocs.f5.com/api/irules/table.html

The basic idea is to increase the counter value when HTTP_REQUEST is executed and decrease the same variable when HTTP_RESPONSE_RELEASE is executed.

Regards,

Dario.

Hello Dario thank you very much for reply,

I solved my problem via using following irule, it works very well, this i rule briefly count the coming http request on the vip ip if the uri's are /bla/blaservice or /bla/blaservices, then if maximum rate is reached within 2 sec, then bigip response http 2oo status code with blank pages.

when RULE_INIT {
    set static::maxRate 4000
    set static::windowSecs 2
}
when HTTP_REQUEST {
        
    if { [HTTP::uri] == "/blablaservice" or [HTTP::uri] == "/blablaservices/"} {
        # set variables
        set limiter [string tolower [HTTP::uri]]
        set vip_limitervar [IP::local_addr]:$limiter
        set get_count [table key -count -subtable $vip_limitervar]
        # main condition
        if { $get_count < $static::maxRate } {
            incr get_count 1
             table set -subtable $vip_limitervar $get_count $vip_limitervar indefinite $static::windowSecs
        } else {
            #log local0. "$vip_limitervar has exceeded the number of requests allowed."
            HTTP::respond 200 content ""
            return
        }
    }
}