Forum Discussion
cdis_249710
Apr 12, 2016 Nimbostratus
Looks like I was missing "-value". This seems to be working, but it's not very accurate in terms of parallel connections.
# Limit each client IP address to 20 concurrent connections
when CLIENT_ACCEPTED {
    # Max connections per client IP
    set limit [class match -value [IP::client_addr] equals connlimit_dg]
    # Set a subtable name with a standard prefix and the client IP
    set tbl "connlimit:[IP::client_addr]"
    # Use a key of the client IP:port
    set key "[IP::client_addr]:[TCP::client_port]"
    table set -subtable $tbl $key "ignored" 180
    if { [table keys -subtable $tbl -count] > $limit } {
        table delete -subtable $tbl $key
        event CLIENT_CLOSED disable
        reject
    } else {
        # Here the timer value is in ms; 60000 ms (60 sec)
        set timer [after 60000 -periodic { table lookup -subtable $tbl $key }]
    }
}
when CLIENT_CLOSED {
    after cancel $timer
    table delete -subtable $tbl $key
}
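
Added example, not part of the original post and not F5 code: a small Python model of the iRule's subtable accounting, so the insert-then-count check, the 60-second refresh and the 180-second entry timeout can be exercised offline. The class and method names, the dict standing in for connlimit_dg, the default limit for unmatched clients and the sample addresses are assumptions made for the model.

```python
IDLE_TIMEOUT = 180  # seconds, from "table set ... 180"
REFRESH = 60        # seconds, from "after 60000 -periodic"

class ConnLimiter:
    """Models one subtable per client IP, keyed by ip:port, with expiring entries."""

    def __init__(self, limits, default_limit=20):
        self.limits = limits                # stand-in for the connlimit_dg data group
        self.default_limit = default_limit  # assumption: the iRule itself has no fallback
        self.tables = {}                    # subtable name -> {key: expiry time}

    def _live(self, ip, now):
        tbl = self.tables.setdefault(f"connlimit:{ip}", {})
        for key in [k for k, exp in tbl.items() if exp <= now]:
            del tbl[key]                    # entries past their timeout disappear
        return tbl

    def accept(self, ip, port, now):
        """CLIENT_ACCEPTED: insert first, then count, as the iRule does."""
        tbl = self._live(ip, now)
        key = f"{ip}:{port}"
        tbl[key] = now + IDLE_TIMEOUT
        if len(tbl) > self.limits.get(ip, self.default_limit):
            del tbl[key]                    # over the limit: undo the insert, reject
            return False
        return True

    def refresh(self, ip, port, now):
        """Periodic 'table lookup': touching an entry restarts its timeout."""
        tbl = self._live(ip, now)
        key = f"{ip}:{port}"
        if key in tbl:
            tbl[key] = now + IDLE_TIMEOUT

    def close(self, ip, port, now):
        """CLIENT_CLOSED: remove the connection's entry."""
        self._live(ip, now).pop(f"{ip}:{port}", None)

    def count(self, ip, now):
        return len(self._live(ip, now))

def demo():
    # Constructed scenario: limit of 2 for one client, three connection attempts.
    lim = ConnLimiter({"203.0.113.5": 2})
    results = [lim.accept("203.0.113.5", p, 0) for p in (40001, 40002, 40003)]
    lim.refresh("203.0.113.5", 40001, REFRESH)  # only the first keeps refreshing
    return results, lim.count("203.0.113.5", 179), lim.count("203.0.113.5", 180)

if __name__ == "__main__":
    print(demo())
```

In the model, an entry that is neither refreshed nor closed keeps counting against the client's limit until its 180-second timeout passes.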