Forum Discussion

13 Replies

  • @TayF5un, I'm afraid that won't work. There is no insertion in the table, no removal of addresses when the underlying transport closes, and it appears to be designed to perform connection count limiting for a VS, rather than on a per-source-IP basis. If one wishes to do that, using the Virtual Server connection limit is a better option, in any case.

    The following is an example of performing limits on a per-IP basis:

    when CLIENT_ACCEPTED {
        # count this connection against the client's source IP
        set x [table incr "ip-block-[IP::client_addr]"]

        if { $x == 1 } {
            # required because we cannot set timeout via 'table incr'
            table set "ip-block-[IP::client_addr]" 1 3600 indef
        } elseif { $x >= 50 } {
            reject
        }
    }

    when CLIENT_CLOSED {
        # undo the count and drop the entry once no connections remain
        if { [table incr "ip-block-[IP::client_addr]" -1] <= 0 } {
            table delete "ip-block-[IP::client_addr]"
        }
    }


    There are a lot of subtleties here, though, and the most important thing to keep in mind is that, using this rule, it is very likely that the CPU cost on the BIG-IP exceeds the cost of simply handling the connection. I assume you're not trying to protect the BIG-IP by using this rule, but thought it worth noting. Also, this rule won't work very well if the connections are long-lived (where "long-lived" here means "open for more than 3600 seconds").
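    The following is an added Python model of the iRule in the reply above, not the poster's code and not anything from F5. It stands in a simplified session table (an entry holds an integer and an optional absolute expiry; `incr` on a missing key creates it with the delta; expired entries read as absent, and, as a simplifying assumption, `incr` does not extend the expiry) and then exercises two cases: a burst of connections from one IP, which shows the 50th connection being rejected, and the long-lived-connection caveat, where the entry times out underneath still-open connections and the count drifts. The IP address, the `Table` class and the `burst`/`long_lived_drift` helpers are constructed for the example.

```python
# Constructed model of the per-IP connection-counting iRule (added example).
# Table is a simplified stand-in for the BIG-IP session table, not its real API.
from dataclasses import dataclass, field

LIMIT = 50      # reject once the per-IP count reaches this ($x >= 50 in the iRule)
TIMEOUT = 3600  # seconds, mirroring 'table set ... 1 3600 indef'


@dataclass
class Table:
    now: float = 0.0                              # simulated clock, in seconds
    entries: dict = field(default_factory=dict)   # key -> [value, expiry or None]

    def _live(self, key):
        entry = self.entries.get(key)
        if entry is None:
            return None
        if entry[1] is not None and self.now >= entry[1]:
            del self.entries[key]                 # expired: behaves as absent
            return None
        return entry

    def incr(self, key, delta=1):
        entry = self._live(key)
        if entry is None:
            self.entries[key] = [delta, None]     # created with the delta, no timeout
            return delta
        entry[0] += delta                         # assumption: incr does not touch expiry
        return entry[0]

    def set(self, key, value, timeout):
        self.entries[key] = [value, self.now + timeout]

    def delete(self, key):
        self.entries.pop(key, None)

    def get(self, key):
        entry = self._live(key)
        return None if entry is None else entry[0]


def key_for(ip):
    return f"ip-block-{ip}"


def client_accepted(table, ip):
    """CLIENT_ACCEPTED logic: returns True when accepted, False when rejected."""
    x = table.incr(key_for(ip))
    if x == 1:
        table.set(key_for(ip), 1, TIMEOUT)        # first connection: attach the timeout
    elif x >= LIMIT:
        return False                              # reject
    return True


def client_closed(table, ip):
    """CLIENT_CLOSED logic: decrement, and drop the entry once it reaches zero."""
    if table.incr(key_for(ip), -1) <= 0:
        table.delete(key_for(ip))


def burst(n_attempts, ip="198.51.100.7"):
    """Open n_attempts connections from one constructed IP and hold the accepted ones.

    Returns (connections accepted, table value afterwards). Assumes a rejected
    connection is still torn down, so its CLIENT_CLOSED decrement runs.
    """
    table = Table()
    accepted = 0
    for _ in range(n_attempts):
        if client_accepted(table, ip):
            accepted += 1
        else:
            client_closed(table, ip)
    return accepted, table.get(key_for(ip))


def long_lived_drift(ip="198.51.100.7", held=10):
    """Reproduce the long-lived-connection caveat from the post.

    `held` connections stay open past TIMEOUT, the entry expires underneath
    them, a new connection restarts the count at 1, and then the old ones close.
    Returns (table value, connections actually still open).
    """
    table = Table()
    for _ in range(held):
        client_accepted(table, ip)
    table.now = TIMEOUT + 1            # entry has expired; the connections have not
    client_accepted(table, ip)         # count restarts at 1 for this new connection
    for _ in range(held):
        client_closed(table, ip)       # first decrement hits 1, the rest hit missing keys
    return table.get(key_for(ip)), 1   # table says "no entry" while one is still open


if __name__ == "__main__":
    print(burst(60))           # (49, 49): the 50th and later attempts are rejected
    print(long_lived_drift())  # (None, 1): the counter has lost track of an open connection
```

    The second case is the drift the reply warns about: once the entry expires while connections are still open, the decrements from those connections either delete the fresh entry or create and immediately delete a negative one, so the per-IP count under-reports and the limit is effectively reset for that source.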