Sekhar
Jan 22, 2016Nimbostratus
Bumping blade version and saving config
Hi,
When ever I apply irule to limit connections for specific IP's i get this error in F5 logs
noticeslot1/clusterd[7100]013a0006Bumping this blade's revision and saving cluster config noticeslot1/clusterd[7100]013a0006Bumping this blade's revision and saving cluster config.
The iRule i am using is
when RULE_INIT { This defines how long is the sliding window to count the requests. This example allows 3 requests in 5 seconds set static::windowSecs 5 } when CLIENT_ACCEPTED {
Max connections per client IP
set limit [class match -value [IP::client_addr] equals oneline_block]
log local0. "[IP::client_addr]: \$limit: $limit"
`
}
when HTTP_REQUEST {
` Check if client IP is in the connection limit data group and the request is a GET
if { ($limit ne "") and (([HTTP::method] eq "GET") or ([HTTP::method] eq "POST")) } {
set getCount [table key -count -subtable [IP::client_addr]]
log local0. "[IP::client_addr]: getCount=$getCount"
if { $getCount < $limit} {
incr getCount 1
table set -subtable [IP::client_addr] $getCount "" indefinite $static::windowSecs
} else {
log local0. "[IP::client_addr]: exceeded the number of requests allowed. $getCount / $limit"
HTTP::respond 501 content "Request blocked. Exceeded requests/sec limit."
}
}
}
I am observing this only when i am also trying to block http post requests. Am I doing anything wrong. Please help me if I can apply this iRule or not.
Thanks,
Sekhar