Forum Discussion
alvaro_martinez
Nimbostratus
NimbostratusUse rule Limit Connections From Client
Hi all,
I´m trying to configure rule in bigip config file but I can´t to work correct.
I have the next configuration but when I try connect to virtual server from white list...
Nicolas_Menant
Employee
Employeehi,
it looks good ...
Could you try to add some logging information and show us what you have for a white IP ?
Exampl:
when RULE_INIT {
array set ::active_clients { }
array set white_client {
1.1.1.1
1.1.1.2
}
}
when CLIENT_ACCEPTED {
set client_ip [IP::remote_addr]
if { [info exists ::active_clients($client_ip)] && ![info exist ::white_client($client_ip)] } {
log local0. "not an active connection or not a white IP"
if {$::active_clients($client_ip) > 10 } {
reject
log local0. "Reject IP $client_ip ($::active_clients($client_ip))"
return
} else {
log local0. "increase active clients"
incr ::active_clients($client_ip)
}
} else {
log local0. "new active client or White IP"
set ::active_clients($client_ip) 1
pool test-pool
}
}
when CLIENT_CLOSED {
set client_ip [IP::remote_addr]
if { [info exists ::active_clients($client_ip)] && ![info exist ::white_client($client_ip)] } {
log local0. "Closing connection, updating array"
incr ::active_clients($client_ip) -1
if { $::active_clients($client_ip) <= 0 } {
unset ::active_clients($client_ip)
}
}
}
What is your BIGIP Version? If you are in v9.4.X version you need to remove the binary file sometimes after updating the config files.
it may be better to work through the GUI as cmbhatt advised
HTH
