<\/span><\/h2>\nWithin our example we will rate-limit on a per IP, per URI basis.<\/p>\n
Below is the iRule:<\/p>\n
# Function : RateLimit HTTP GET requests per IP, per URI\r\n# Created : 29\/10\/12\r\n\u00a0\r\nwhen RULE_INIT {\r\n\u00a0 \u00a0 set static::maxRate 3\r\n\u00a0 \u00a0 set static::windowSecs 1\u00a0\r\n}\r\n\u00a0\r\nwhen HTTP_REQUEST {\r\n\u00a0 \u00a0 if { ([HTTP::method] eq \"GET\") and ([class match [string tolower [HTTP::uri]] starts_with DATAGROUP-RATELIMIT-URI] ) } {\r\n\u00a0\r\n\u00a0 \u00a0 \u00a0 \u00a0 # whitelist\r\n\u00a0 \u00a0 \u00a0 \u00a0 if { [class match [IP::client_addr] equals DATAGROUP-RATELIMIT-WHITELIST] }{\r\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0return\r\n\u00a0 \u00a0 \u00a0 \u00a0 }\r\n\u00a0\r\n\u00a0 \u00a0 \u00a0 \u00a0 # set variables\r\n\u00a0 \u00a0 \u00a0 \u00a0 set limiter [string tolower [HTTP::uri]]\r\n\u00a0 \u00a0 \u00a0 \u00a0 set clientip_limitervar [IP::client_addr]:$limiter\r\n\u00a0 \u00a0 \u00a0 \u00a0 set get_count [table key -count -subtable $clientip_limitervar]\r\n\u00a0\r\n\u00a0 \u00a0 \u00a0 \u00a0 # main condition\r\n\u00a0 \u00a0 \u00a0 \u00a0 if { $get_count < $static::maxRate } {\r\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 incr get_count 1\r\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0table set -subtable $clientip_limitervar $get_count $clientip_limitervar indefinite $static::windowSecs\r\n\u00a0 \u00a0 \u00a0 \u00a0 } else {\r\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 log local0. \"$clientip_limitervar has exceeded the number of requests allowed.\"\r\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 drop\r\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 return\r\n\u00a0 \u00a0 \u00a0 \u00a0 }\r\n\u00a0 \u00a0 }\r\n}<\/pre>\n