Hi Cyril, You're right, and furthermore, this is not conn_rate but "http_req_rate".
cheers On Sun, Jan 8, 2012 at 11:39 PM, Cyril Bonté <cyril.bo...@free.fr> wrote: > Hi all, > > Le dimanche 8 janvier 2012 23:24:35 Baptiste a écrit : >> Hi, >> >> You can do this with a stick-table and a "store conn_rate(60s)". >> Then with an ACL, you can trigger decision based on the conn_rate value: >> acl abuser src_conn_rate gt 100 >> block if abuser >> >> So the 101st request and above in a minute would be blocked. > > But consider this will not work well for HTTP keep-alive requests, because the > rate is applied to the connections, not the requests themselves. > > If you really want to limit the HTTP requests (and not the connections), > you'll need to use "option httpclose" to enforce only one request per > connection. > > >> cheers >> >> On Sun, Jan 8, 2012 at 10:53 PM, S Ahmed <sahmed1...@gmail.com> wrote: >> > Actually my requirements are as follows: >> > >> > To block all further connections if they make more than 100 api calls in a >> > given minute. >> > >> > So if they make 100 api calls in the span of 55 seconds, block all further >> > calls for the next 5 seconds. >> > >> > Can I do this? And if I do, it should limit my bandwidth then correct? >> (...) > > -- > Cyril Bonté