Yoli_154289
Nimbostratus
NimbostratusUpdate - remove/add values from "Data group list" via irule
Hi, Its possible to update "irule data group list" from irule ? and not from WEB or iControl
Forum Discussion
9 Replies
Samir_Jha_52506Noctilucent
Not possible to add or remove data list value from iRule.
Yoli_154289And pass variables between two different iRules on different virtaul server ? VS[irule] -> VS2[irule2]
if its possible can you give an example with table command.
Thank you
- Samir_Jha_52506
Not possible to pass variables between two iRules. Write iRule separately to vip.
- Yoli_154289
Its possible to update any file from irule ?
Stanislas_Piro2Cumulonimbus
to use tables, commands are:
table set "variable" "value" 7200 table add "variable" "value" 7200 set value [table lookup -notouch "variable"]tables are shared between all irules and VS in the same appliance.
oscarnet_69487HI
you can use table to do it. if you want block source ip you can use this irule.
code irule_A_Virtaulserver_A ltm rule /Common/irule_A_Virtaulserver_A { when RULE_INIT { set ::whichone 0 set static::maxRate 20; set static::timeout 60; set static::maxquery 11; } when HTTP_REQUEST { set getCount [table lookup -notouch -subtable requests [IP::client_addr]] set srcip [IP::remote_addr] if { [table lookup -subtable "Redirectolist" $srcip] != "" } { HTTP::redirect "http://www.abc.com" return } set curtime [clock second] set key "count:$srcip:$curtime" set count [table incr $key] table lifetime $key 2 if { $count > $static::maxquery } { table add -subtable "Redirectolist" $srcip "blocked" indef $static::timeout table delete $key return } } } ==================================================================================================================== irule_B_Virtaulserver_B ltm ifile /Common/Block_page_html { file-name /Common/Block_page_html } ltm ifile /Common/logo_jpg { file-name /Common/logo_jpg } ltm ifile /Common/styles_css { file-name /Common/styles_css } ltm rule ltm rule /Common/irule_B_Virtaulserver_B { when RULE_INIT { set static::timeout 60; set static::maxquery 11; } when HTTP_REQUEST { set srcip [IP::remote_addr] if { [table lookup -subtable "Redirectolist" $srcip] != "" } { switch [HTTP::uri] { "/Block_page/logo.png" { HTTP::respond 200 content [ifile get "logo_jpg"] } "/Block_page/styles.css" { HTTP::respond 200 content [ifile get "styles_css"] } default { HTTP::respond 200 content [ifile get "Block_page_html"] } } } set curtime [clock second] set key "count:$srcip:$curtime" set count [table incr $key] table lifetime $key 2 if { $count > $static::maxquery } { table set -subtable "Redirectolist" $srcip "blocked" indef $static::timeout table delete $key drop return } } }- Yoli_154289
Where did you init this table ?
set getCount [table lookup -notouch -subtable requests [IP::client_addr]]Also the table "Redirectolist" created in both VS's, so its not share between the two VS.
Thanks
- oscarnet_69487
hi yoli
my update irule
code when RULE_INIT { set ::whichone 0 set static::maxRate 20; set static::timeout 60; set static::maxquery 23; } when HTTP_REQUEST { set getCount [table lookup -notouch -subtable requests [IP::client_addr]] set srcip [IP::remote_addr] if { [table lookup -subtable "Redirectolist" $srcip] != "" } { HTTP::redirect "http://www.abc.com" return } set curtime [clock second] set key "count:$srcip:$curtime" set count [table incr $key] table lifetime $key 2 if { $count > $static::maxquery } { table add -subtable "Redirectolist" $srcip "blocked" indef $static::timeout table delete $key return } else { if { $getCount equals "" } { table set -subtable requests [IP::client_addr] "1" $static::timeout $static::timeout } else { if { $getCount < $static::maxRate } { table incr -notouch -subtable requests [IP::client_addr] } else { if {$getCount == $static::maxRate } { table incr -notouch -subtable requests [IP::client_addr] } HTTP::redirect "http://www.abc.com" } } } }