iRule detect any IP that comes in at x rate a minute

Question

Lets say we have an external IP coming in and is completely over taxing a VS. Is there a way within an iRule(or profile) to throttle the connection? In this case &nbsp;
external ---------------------------&gt; VS &nbsp;
166.166.166.166 --------------&gt;270.270.270.270&nbsp;
Using up to 300 MB of bandwidth.  Want to throttle to 50mb. Thank you for anyone who can help.&nbsp;
RGW&nbsp;

nitass · Answer

is this applicable? 
&nbsp;  
&nbsp; Simple traffic shaping by JackofallTrades 
&nbsp; https://devcentral.f5.com/wiki/iRules.Simple_traffic_shaping.ashx

what_lies_bene1 · Answer

Alternatively you could create a Rate Class and apply it in the iRule, based on the source IP. Is the high bandwidth inbound or outbound?

smiley_dba_1116 · Answer

Its inbound

smiley_dba_1116 · Answer

Its inbound

what_lies_bene1 · Answer

OK, so I knocked this up; 
 
when CLIENT_ACCEPTED {
 if { [IP::addr [IP::client_addr] equals x.x.x.x] } {
  rateclass name_of_your_rateclass
  log local0. "Bandwidth Hog: [IP::client_addr] detected, Rate Class applied."
 }
}

And found this right afterwards (which has an example which is essentially the same): https://devcentral.f5.com/wiki/iRules.rateclass.ashx 
  
 No idea what happens if the client opens multiple connections. Perhaps you can let us know?

Forum Discussion

iRule detect any IP that comes in at x rate a minute

5 Replies

Recent Discussions

google autenticator broken barcode

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Related Content

attack Signature detected but i can not find keyword inside request

iRULE regsub error

owa iapp assign irule

Irule Trigger two times

iRule assistance for subfolder redirect