Forum Discussion

abdulmalek's avatar
abdulmalek
Icon for Nimbostratus rankNimbostratus
Jan 10, 2022

User's session timeout and concurrent session (Layer 7) using F5 LTM

Hello,

I hope all is well :)

 

We want to control the user's session timeout and concurrent session (Layer 7) using F5 LTM; however, after researching the documentation, we couldn't find a way to do so except with APM. can you please advise on how to do so without APM? 

 

Appreciate your corporation.

 

BRs,

Abdulmalek Aldosrri

2 Replies

  • Hi

    I guess user's session timeout value relate to timeout value

    and then concurrent session is using below irule

     

    when RULE_INIT {

      set static::maxquery 1

      set static::holdtime 600

    }

    when CLIENT_ACCEPTED {

      set srcip [clientside {IP::local_addr}]

      if { [table lookup -subtable "blacklist" $srcip] != "" } {

        drop

        return

        log local0. "abc" 

      }

      set curtime [clock second]

      set key "count:$srcip:$curtime"

      set count [table incr $key]

      table lifetime $key 600

      log local0. $count

       

      if { $count > $static::maxquery } {

        table add -subtable "blacklist" $srcip "blocked" indef $static::holdtime

        log local0. "excute"

        table delete $key

        drop

        return

      }

    }

  • Much appreciated neeeewbie, will test it and let you know! By the way, we have created an irule that removes all browser cookies after a specific time interval to address the timeout issue. it's working fine with us :)

     

    when HTTP_REQUEST {

     

      set now [clock seconds]

       

      if { [HTTP::cookie exists lastrequesttimestamp] } {

        set lastrequesttimestamp [HTTP::cookie value lastrequesttimestamp]

      } else {

        set lastrequesttimestamp $now

      }

     

      set cookieNames [HTTP::cookie names]

     

    }

     

    when HTTP_RESPONSE {

     

      set threshold [expr {20}]

      set lastRequestPlusThreshold [expr {$threshold + $lastrequesttimestamp}]

       

       if { $lastRequestPlusThreshold < $now } {

        foreach aCookie $cookieNames {

          HTTP::cookie insert name $aCookie value bb

          HTTP::cookie expires $aCookie 1

        }

         

       } else {

         HTTP::cookie insert name "lastrequesttimestamp" value $now path "/"

        HTTP::cookie attribute "lastrequesttimestamp" insert "SameSite" "None"

        HTTP::cookie secure "lastrequesttimestamp" enable

       }

     

     

    }