search

comotion / VSF

Varnish Security Firewall
Other
213 stars 67 forks source link

vsthrottle #44

Closed intelbg closed 6 years ago

intelbg commented 8 years ago

Hello, I built varnish 4 from source with vsf and want to accomplish the following throttling: Limit from 100 concurrent requests from IP. On the 101th request the connection to be dropped. I tried the following configuration which works by totally different way which I will explain below:

sub vcl_recv { if (vsthrottle.is_denied(client.identity, 100, 0s)) {

Client has exceeded 15 reqs per 10s

                            return (synth(429, "Too Many Requests"));
                    }

}

Tried also with 1s instead of 0s (then it doesn't throttle at all). Tried also the following, but one request is ok, on the second refresh the request is throttled instead 100 requests to be ok, the 101th to be throttled.

if (vsthrottle.is_denied(req.http.X-Actual-IP, 100, 0s)) {

What is wrong with the configuration and how can I achieve this throttling way I want? Thank you in advance.

fgsch commented 6 years ago

Closing due to inactivity.

If this is still an issue please re-open it.