Forum Discussion
3 Replies
Sort By
- JRahmAdminThere are several examples of this in the forum that you can search for. Here's one:
- Baqar_Husain_81Nimbostratusactually the requirements have changed a bit ... it's not the source ip, but an http header value. if there is a string match say 30 times every minute i would need to redirect that connection someplace else.
- Deb_Allen_18Historic F5 AccountYour problem is a bit different than Zape's.
when RULE_INIT { set ::maxRate 10 set ::windowSecs 10 init array if non-existent array set ::postHistory { } wipe array if it already existed array unset ::postHistory } when HTTP_REQUEST { if { [HTTP::method] eq "POST" } { if {[HTTP::header exists User]} { set myUserID [HTTP::header User] } else { HTTP::respond 401 return } set currentTime [clock seconds] set windowStart [expr {$currentTime - $::windowSecs}] find POSTs for this userID set postCount 0 foreach { requestID requestTime } [array get ::postHistory ${myUserID}*] { count POSTs with start time > $windowStart, delete the rest if { $requestTime > $windowStart } { incr postCount 1 } else { unset ::postHistory($requestID) } } if { $postCount < $::maxRate } { add new record to array w/myUserID.uniquekey + currentTime set requestID "${myUserID}.[substr [AES::key 128] 10 16]" set ::postHistory($requestID) $currentTime } else { otherwise rate is exceeded, respond with 503 (temp unavail) HTTP::respond 503 return } } }