PREVENT THE SAME USER

Question

Hello,&nbsp;
&nbsp;Within the same time the same user, How can we prevent from making the multiple connections to different servers in different ?&nbsp;
&nbsp;by the way traffic is not http that is tcp traffic. I guess we need to write an irule related to ip address. &nbsp;
&nbsp;Please help me about this matter&nbsp;
&nbsp;Thank you in advance for your support&nbsp;
&nbsp;Kind regards,&nbsp;

nitass · Answer

is this applicable? 
&nbsp;  
&nbsp; iRule::ology; Connection Limiting Take 2 by Colin 
&nbsp; https://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/1086427/iRuleology-Connection-Limiting-Take-2.aspx

waterfall_10467 · Answer

Hi Nitass,&nbsp;
&nbsp;Thank you for your quick reply.However,a restriction isn't wanted on the virtual server. let me be clear , If a client logged on to back end server and it's connection is still going on, within the same time, client won't be able to connect to same or different server again. is that possible for you?&nbsp;
&nbsp;please help me about the matter.&nbsp;
&nbsp;Thank you in advance &nbsp;

michael_yates · Answer

Hi can, 
&nbsp;  
&nbsp; iRules are event driven and applied to a Virtual Server(s). 
&nbsp;  
&nbsp; If you want to limit a client to one server then it must be done so within the scope of a Virtual Server or multiple Virtual Servers. 
&nbsp;  
&nbsp; If the target server(s) are on a VLAN owned by the BIG-IP then you should still have a Forwarder Virtual Server to apply an iRule to and you could still use the methodology pointed out by Nitass. 
&nbsp;  
&nbsp; Hope this helps.

waterfall_10467 · Answer

Hi Michael, &nbsp;
&nbsp; I guess I have explained you wrong the existing needing. As you mentioned in your response, as a matter of course we have to do this on the virtual server.However, We do not want to apply any rate limiting on the virtual server in total. we just want that If a client logged on to server over the virtual server and its session still is active on the virtual server ,it will never be able to make second connection without disconnecting. &nbsp;
&nbsp; Please help me about this matter &nbsp;
&nbsp; thank you in advance.

nitass · Answer

we just want that If a client logged on to server over the virtual server and its session still is active on the virtual server ,it will never be able to make second connection without disconnecting. have you tried irule in the article? i still think it is applicable for your case. 
&nbsp;  
&nbsp; in this line, you may change from 1000 to 2 in case if you want to have only 1 connection per client address. 
&nbsp;  
&nbsp; if { [table keys -subtable $tbl -count] &gt; 1000 } {

Forum Discussion

PREVENT THE SAME USER

Recent Discussions

ports are showing open on online scanning tool

Upgrade F5 BIGIP

DNS HM Probe issue

Is XFF a must for ASM WAF DoS

Switch ssl profile based on weak cipher detection via IRULE

Related Content

Guarding Large Language Models: Advanced Approaches to Preventing Model Theft

Operationlizing Online Fraud Detection, Prevention, and Response

API Security Strategy - Discover and map APIs, block unwanted connection and prevent data leakage

SSL Orchestrator Advanced Use Cases: Integrating F5 Intrusion Prevention System (IPS)

Update your DevCentral user profile

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS