Forum Discussion
Aug 10, 2015
Are you testing table viewing iRule directly after you connect to the virtual server with the connection limit iRule?
My config looks like this (the respond iRule is just a replacement for a web server):
ltm rule /Common/connlimit {
when CLIENT_ACCEPTED {
set tbl "connlimit:[IP::client_addr]"
set key "[TCP::client_port]"
table set -subtable metatable "connlimit:[IP::client_addr]" 1
table set -subtable $tbl $key "ignored" 180
if { [table keys -subtable $tbl -count] > 5000 } {
table delete -subtable $tbl $key
event CLIENT_CLOSED disable
reject
} else {
set timer [after 60000 -periodic { table lookup -subtable $tbl $key }]
}
}
when CLIENT_CLOSED {
after cancel $timer
table delete -subtable $tbl $key
}
}
ltm rule /Common/tableview {
when HTTP_REQUEST {
set response ""
foreach tablename [table keys -subtable "metatable"] {
foreach key [table keys -subtable $tablename] {
set value [table lookup -notouch -subtable $tablename $key]
set response "$response
$key = $value"
}
}
HTTP::respond 200 content $response
}
}
ltm rule /Tssec/respond {
when HTTP_REQUEST {
HTTP::respond 200 content "Hello world"
}
}
ltm virtual /Common/connlimit {
destination /Common/192.168.1.249:80
ip-protocol tcp
mask 255.255.255.255
profiles {
/Common/http { }
/Common/tcp { }
}
rules {
/Common/connlimit
/Common/respond
}
source 0.0.0.0/0
translate-address enabled
translate-port enabled
}
ltm virtual /Common/tableview {
destination /Common/192.168.1.248:80
ip-protocol tcp
mask 255.255.255.255
profiles {
/Common/http { }
/Common/tcp { }
}
rules {
/Common/tableview
}
source 0.0.0.0/0
translate-address enabled
translate-port enabled
}
Then when I access the VIP with the connection limit I get:
http://192.168.1.249/
Hello world
Then when I access the VIP with the tableview iRule I get:
http://192.168.1.248/
64545 = ignored
Hope that helps.
/Patrik