Forum Discussion

Nimbostratus

May 17, 2011

Timelimited or session limited class match

I once worked with a product that would allow a user to authenticated to the product using a java applet. Once authenticated that user could have access on certain ports, only from the source IP that ...

Cirrostratus

May 17, 2011

Hi Matt,

That does seem doable with an iRule. And assuming you have a secure method for validating access to the special URIs it should be safe.

I'd use a single iRule which adds the client IP and allowed port(s) to a subtable using the table command. You can set a lifetime on the record to enforce a session timeout. See the table command and subtable series for details:

http://devcentral.f5.com/wiki/default.aspx/iRules/table

http://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/2375/v101--The-table-Command--The-Basics.aspx

If you get stuck try posting the issue(s), code you're testing and debug logging. Else, when you get something working, it would make a great Codeshare example:

http://devcentral.f5.com/wiki/default.aspx/iRules/codeshare

Aaron

Forum Discussion

Timelimited or session limited class match

Recent Discussions

What happens if I only enable ASM in BIG-IP Under System > Resource Provisioning

URL

Migration from i series 10200 with 1 child VCMP to r series 10900 series

Azure DP-100 Exam Questions

Deploying F5 WAF in front of Azure Web App Services

Related Content

HTTP Session Limit

Session Limiting

HTTP session limit

CodeShare Refresh: HTTP Session Limit

Version 9.x session limiting