Forum Discussion

Sumanta_88744's avatar
Jun 11, 2016

Universal Persistence with X-forwarder

Hi Experts   Can I use Universal persistence using x-forwarder with i-rule? I would have each x-forwarded IP stick to the same back-end pool member. Will this work? Can you please share code? Any ...
  • Yann_Desmarest_'s avatar
    Jul 20, 2016

    A formatted version of the "Per VS" rate limiting. You can apply the same irule to all standard VS using UIE persistence.

     

    when RULE_INIT {
        set static::maxReqs 3;
        set static::timeout 60;
    }
    
    when HTTP_REQUEST {
            set vs [URI::basename [virtual]]
            if { [HTTP::header exists "X-Forwarded-For"] } {
                set client_IP_addr [getfield [lindex  [HTTP::header values "X-Forwarded-For"]  0] "," 1]
            } else {
                set client_IP_addr [IP::client_addr]
            }
            if { ([HTTP::method] eq "GET") and ([class match [string tolower [HTTP::uri]] ends_with $vs_URI_LIST_TO_LIMIT] ) } {
    
                whitelist
                if { [class match [IP::client_addr] equals $vs_ips_whitelist] }{
                   return
                }
                set getcount [table lookup -notouch "$vs_$client_IP_addr:[HTTP::uri]"]
                if { $getcount equals "" } {
                    table set "$vs_$client_IP_addr:[HTTP::uri]" "1" $static::timeout $static::timeout
                } else {
                    if { $getcount < $static::maxReqs } {
                        table incr -notouch "$vs_$client_IP_addr:[HTTP::uri]"
                    } else {
                        reject
                    }
                }
            }
            persist uie $clientip 
    }
    
    when HTTP_RESPONSE { 
        persist add uie $clientip 
    }