Forum Discussion

Nimbostratus

May 17, 2011

Timelimited or session limited class match

I once worked with a product that would allow a user to authenticated to the product using a java applet. Once authenticated that user could have access on certain ports, only from the source IP that ...

Cirrostratus

May 17, 2011

Hi Matt,

That does seem doable with an iRule. And assuming you have a secure method for validating access to the special URIs it should be safe.

I'd use a single iRule which adds the client IP and allowed port(s) to a subtable using the table command. You can set a lifetime on the record to enforce a session timeout. See the table command and subtable series for details:

http://devcentral.f5.com/wiki/default.aspx/iRules/table

http://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/2375/v101--The-table-Command--The-Basics.aspx

If you get stuck try posting the issue(s), code you're testing and debug logging. Else, when you get something working, it would make a great Codeshare example:

http://devcentral.f5.com/wiki/default.aspx/iRules/codeshare

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Timelimited or session limited class match

Recent Discussions

F5 - AS3 - BIGIQ / BIGIP SchemaVersion Missunderstanding

F5OS API - not able to create vlan

F5 APM - limiting access to the bandwidth for network Access

Change LB priority based on status

High CPU utilization (100%).

Related Content

HTTP Session Limit

Session Limiting

HTTP session limit

CodeShare Refresh: HTTP Session Limit

Version 9.x session limiting

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS