Forum Discussion
Been wrecking my brain here for an answer and I can't come up with any obvious ones. I WOULD try something like below though in order to satisfy my curiosity.
Please note, before trying, that if this Virtual server is in production and very busy you do NOT want to do this without filtering by client IP as it will write entries to your ltm logfile.
The rule is basically just a combination of the two and would ensure that the iRule is executed in the same TMM core.
One more thing to note, is that using subtables will impact performance of the virtual server, so it's not advisable performance wise if your virtual server is/will be very busy and you're having low margins in terms of capacity.
If you still get nothing in the LTM log after this I'd contact F5.
And please post your findings. 🙂
when CLIENT_ACCEPTED {
set tbl "connlimit:[IP::client_addr]"
set key "[TCP::client_port]"
table set -subtable metatable "connlimit:[IP::client_addr]" 1
table set -subtable $tbl $key "ignored" 180
if { [table keys -subtable $tbl -count] > 5000 } {
table delete -subtable $tbl $key
event CLIENT_CLOSED disable
reject
} else {
set timer [after 60000 -periodic { table lookup -subtable $tbl $key }]
}
}
when CLIENT_CLOSED {
after cancel $timer
table delete -subtable $tbl $key
}
when HTTP_REQUEST {
set response ""
foreach tablename [table keys -subtable "metatable"] {
foreach key [table keys -subtable $tablename] {
set value [table lookup -notouch -subtable $tablename $key]
set response "$response
$key = $value"
}
}
log local0. "HTTP RESPONSE: $response"
}