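# Function : RateLimit connections per IP
# Created  : 1/11/12
#
# Allows each client IP at most static::maxRate new connections per
# static::windowSecs window. Every accepted connection adds one entry to a
# session subtable named after the client IP; entries expire after
# windowSecs, so the number of live keys is the number of connections
# accepted from that IP within the window.
#
# NOTE(review): the subtable name is the bare client IP. Any other iRule
# that also uses the client IP as a subtable name would share these
# entries - confirm nothing else on the box does so.

when RULE_INIT {
    # Maximum new connections accepted per client IP inside one window.
    set static::maxRate 3
    # Window length in seconds; also the lifetime of each tracking entry.
    set static::windowSecs 1
}

when CLIENT_ACCEPTED {
    # Addresses in the whitelist data group bypass the limiter entirely.
    if { [class match [IP::client_addr] equals DATAGROUP-RATELIMIT-WHITELIST] } {
        return
    }

    set clientip [IP::client_addr]

    # Count the live entries for this client. The documented subcommand
    # is "table keys"; the original spelled it "table key".
    set get_count [table keys -count -subtable $clientip]

    if { $get_count < $static::maxRate } {
        # Record this connection under a key that is unique per connection.
        # The original used count+1 as the key: once an older entry had
        # expired, count+1 could equal a key that was still live, so the
        # write replaced that entry instead of adding one and the client
        # was under-counted, letting it exceed maxRate.
        # The check above and this write are separate operations, so the
        # limit is approximate when connections arrive concurrently.
        table set -subtable $clientip [clock clicks] $clientip indefinite $static::windowSecs
    } else {
        # One log line is written per refused connection. During a flood
        # this can produce a very large log volume; consider throttling
        # or sampling this message if that is a concern.
        log local0. "$clientip has exceeded the number of connections allowed."
        drop
        return
    }
}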