Limiting the TCP client connection to VIP on Time base

Not sure if you mean based on client time zone or time of day. But if the latter, here's a little code that checks if a request is being made before or after a predefined set of times:

 

 

when RULE_INIT {
set static::not_before_time "10am today"
set static::not_after_time "5pm today"
}
when HTTP_REQUEST {
if { ( [expr [clock seconds] < [clock scan $static::not_before_time]] ) or ( [expr [clock seconds] > [clock scan $static::not_after_time]] ) } {
HTTP::respond 200 content "After hours - access disabled" "Connection" "Close"
}
}

 

Hi Kevin Stewart ,

 

 

Thanks for your help.

 

 

I want it on time frame . for example let's say.

 

client IP is 1.1.1.1 and it is hitting a VIP 10.10.10.1, 100 times in a hour so we have to limit this connection by 50. if 51st request comes than LTM should drop the connection.

 

after 1 hour again it should allow 50 connection from 1.1.1.1 till next hour.

 

 

Thanks in advance.

 

 

Regards,

 

Lingaraj

 

 

Not an answer, but just a pointer.

 

Using table is probably the way to go.

 

the two examples given in the link could help understand the table command.

 

 

https://devcentral.f5.com/wiki/irules.table.ashx

 

 

hope this helps.

 

 

Pascal.

connection rate limit

 

 

virtual server connection rate limit with tables by Aaron

 

https://devcentral.f5.com/wiki/iRules.virtual_server_connection_rate_limit_with_tables.ashx

 

 

concurrent (active) connection limit

 

 

iRule::ology; Connection Limiting Take 2 by Colin

 

https://devcentral.f5.com/tech-tips/articles/iruleology-connection-limiting-take-2

 

 

hope this helps.