Nimbostratus
CirrocumulusThis iRule was written for a version 10 of BIG-IP released in 2009(7 years ago). Since then F5 made Layer7 Denial of Service protection a proper built-in feature of the BIG-IP ASM as a DoS Profile, I would recommend that you use ASM and DOS Profile Protection instead of the iRule that you have found as it is only relevant to versions 10.x
Here is the Chapter of F5 Implementation Manual describing configuring the DoS Profile:
Preventing DoS Attacks on Applications
Going back to your example your suggestion of concatenating IP with URL for LEGITIMATE use simply will not work - no legitimate web application will generate 600 GET requests per 30 seconds to the SAME URL - they will all be to different URLs with different purposes - style sheets, images, javascripts, HTML pages etc.
An attacker might do that (e.g. bombard you with hundreds of GET requests to the same URL from the same IP, however it would be trivial to detect your protection and they could easily change their script to add a random bit to the URL (or even something simply like the current timestamp in milli/microseconds). However then this iRules will not work at all, as it will never increase the count. A properly configured DoS profile in ASM can protect from such attacks