Try this;
when RULE_INIT {
set static::maxRate 10
set static::windowSecs 3
set static::timeout 30
}
when HTTP_REQUEST {
set method [HTTP::method]
log local0. "http request is of $method"
if { $method eq "POST" } {
set postCount [table key -count -subtable [IP::client_addr]]
log local0. "postCount=$postCount"
if { $postCount < $static::maxRate } {
incr postCount 1
table set -subtable [IP::client_addr] [expr {int (rand() * 10000)}] "ignore" $static::timeout $static::windowSecs
return
} else {
log local0. "This user $user has exceeded the number of requests allowed."
HTTP::respond 501 noserver Content "Request blockedExceeded requests/sec limit." Retry-After [expr {int (rand() * 100)}]
return
}
} else {
Return "Method not allowed"
HTTP::respond 405 noserver
return
}
}