Enforcing individual APM Policy "In Progress Sessions Limits"
Problem this snippet solves: Hi Folks,
the iRule below can be used to enforce individual APM Policy "In Progress Sessions Limits" per source IP address.
The iRule make use of [class match] t...
Updated Jun 06, 2023
Version 2.0Kai_Wilke
My name is Kai Wilke and I'm working as a Principal Consultant for IT-Security at itacs GmbH - a German consulting company specialized in Microsoft Security cloud solutions, F5 customizations as well as for classic IT-Consulting.
You can find additional information about me and my work here:
https://devcentral.f5.com/articles/q-a-with-itacs-gmbhs-kai-wilke-devcentrals-featured-member-for-february-24890MVP
Stanislas_Piro2
Sep 09, 2016Cumulonimbus
Hi,
this is an interesting irule.
For better user experience, I should have set an APM session variable in ACCESS_SESSION_STARTED
ACCESS::session data set "session.custom.tomanysession" 1
instead of
ACCESS::respond 200 content "To many concurrent logon sessions from your IP address" noserver "Content-Type" "text/html"
ACCESS::session remove
and added a empty box in VPE with branch with expression
expr { [mcget {session.custom.tomanysession}] != 0 }
to dedicated policy ending with message:
To many concurrent logon sessions from your IP address
with this solution, the response page format is the same as access profile.