Authentication
TUT Systems, Inc
Page 49 of 104
P/N
220-06288-20
HTTP Request Throttle
Setting the HTTP Request Throttle
Use the
set http-request throttle
command to configure a per-session throttle on the rate
at which HTTP requests from that session are handled before authentication. A new
session begins with
max_requests
requests enabled. Every request uses one from a pool
of available requests until there are no requests available in the pool. Requests are
allocated to the session at
request_rate
requests per second.
Note:
This command has no effect on authenticated subscribers.
To configure a per session throttle on the rate at which HTTP requests from that session
are handled before authentication, use this command:
set http-request-throttle
max_requests
[
request_rate
]
For example, to enable an HTTP request throttle for each unauthenticated session,
starting with 10 requests, and with requests available to that session at one request per
second, use:
sms2000%
set http-request-throttle 10 1
If the subscriber generates 11 HTTP requests in less than one second, it is ignored. After
using all available requests, only 1 request per second is handled and additional requests
are ignored.
Deleting the HTTP Request Throttle
To disable the HTTP request throttle for sessions not yet authenticated, use this
command:
delete http-request-throttle
For example to turn off the HTTP throttle request setting, type:
sms2000%
delete http-request-throttle
Allow-Nets
Allow-nets provide single IP addresses or subnets to which subscribers can send IP data
without authentication, the
set allow-net
command supports up to 1000 allow-nets.
Beginning with the release of SMS2.3.6, Allow-Nets support DNS names as well as IP
addresses.
