Using iRule to limit POST/GET vars to prevent Hashtable collisions

Question

Does anyone know how it would be possible to limit the number of post and get vars via an iRule so as to prevent some type of hash table collision dos?

Say setting the number of vars to 500, anything else will get logged and dropped?

TIA

hooleylist · Answer

Hi AJ, 
&nbsp;  
&nbsp; Sure, here's an example iRule which should do this: 
&nbsp;  
&nbsp; http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/aff/5/afv/topic/aft/2159136/afc/2235372/Default.aspx 
&nbsp;  
&nbsp; I'm not sure that you could exploit this vulnerability using the query string.  But if you wanted to check the overall query string length, you could use [string length [HTTP::query]]. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

Using iRule to limit POST/GET vars to prevent Hashtable collisions

1 Reply

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

redirects with get / post

Limiting HTTP/HTTPS GET and POST Flood Attacks using an iRule

Get value from HTTP POST request body

iRule to change HTTP GET into POST

Session are getting dropped post upgrade 15.x.x