Forum Discussion
Mike_64356
Dec 12, 2008Nimbostratus
I am using the iRule which appears at http://devcentral.f5.com/wiki/default.aspx/iRules/LimitConnectionsFromClient.html as follows:
when RULE_INIT {
array set ::active_clients { }
array set white_client {
10.0.0.1
}
}
when CLIENT_ACCEPTED {
set client_ip [IP::remote_addr]
if { [info exists ::active_clients($client_ip)] && ![info exist ::white_client($client_ip)] } {
if {$::active_clients($client_ip) > 10 } {
reject
log local0. "Reject IP $client_ip ($::active_clients($client_ip))"
return
} else {
incr ::active_clients($client_ip)
}
} else {
set ::active_clients($client_ip) 1
}
}
when CLIENT_CLOSED {
set client_ip [IP::remote_addr]
if { [info exists ::active_clients($client_ip)] && ![info exist ::white_client($client_ip)] } {
incr ::active_clients($client_ip) -1
if { $::active_clients($client_ip) <= 0 } {
unset ::active_clients($client_ip)
}
}
}
the problem is that connections are still being rejected from 10.0.0.1 and 10.0.0.2. I am running BIG-IP 9.4.3 and the log file is showing a lot of "Reject IP 10.0.0.1 (6)" I copied and pasted the iRule straight from here (and changed the IP's) Any clues why this might be happening?