Jeremy jeremyj

## haproxy rate limiting
HTTP request limiting ===================================================================================================================
frontend ft_web
  # Use General Purpose Couter (gpc) 0 in SC1 as a global abuse counter
  # Monitors the number of request sent by an IP over a period of 10 seconds
  stick-table type ip size 1m expire 10s store gpc0,http_req_rate(10s)
  tcp-request connection track-sc1 src

  # refuses a new connection from an abuser
  tcp-request content reject if { src_get_gpc0 gt 0 }

## watch haproxy sticky tables
watch -n 1 'echo "show table http" | socat unix:/var/run/haproxy.sock -'
watch -n 1 'echo "show table public" | socat unix:/var/run/haproxy.sock -'
	HTTP request limiting ===================================================================================================================
	frontend ft_web
	# Use General Purpose Couter (gpc) 0 in SC1 as a global abuse counter
	# Monitors the number of request sent by an IP over a period of 10 seconds
	stick-table type ip size 1m expire 10s store gpc0,http_req_rate(10s)
	tcp-request connection track-sc1 src

	# refuses a new connection from an abuser
	tcp-request content reject if { src_get_gpc0 gt 0 }
	watch -n 1 'echo "show table http" \| socat unix:/var/run/haproxy.sock -'
	watch -n 1 'echo "show table public" \| socat unix:/var/run/haproxy.sock -'