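### All of this from Puppet, as usual
# Pseudo-backends used only for statistics tracking.
# Each table entry is keyed by client address and stores the HTTP request rate
# over 10s plus an array of 10 general-purpose counter rates (gpc_rate indexes
# 0-9), each measured over 300s. Entries are keyed on the full source address,
# so clients that share one address (NAT, forward proxies) share the counters.
backend httpreqrate
    stick-table type ipv6 size 1m expire 300s store http_req_rate(10s),gpc_rate(10,300s)
backend httpreqrate_http
    stick-table type ipv6 size 1m expire 300s store http_req_rate(10s),gpc_rate(10,300s)

listen tls
    # sc0 is the only tracked counter set up here; every rule below has to
    # read and write its state through sc0.
    http-request track-sc0 src table httpreqrate
### All of the above from Puppet, as usual

### All of the below from requestctl
    # Every rule follows the same three-ACL pattern:
    #   <rule>_too-high-now       concurrent connections tracking this source are at/above the limit
    #   <rule>_too-high-recently  this rule's gpc rate is non-zero, i.e. it was marked within 300s
    #   <rule>_mark-as-too-high   increments this rule's gpc (side effect of evaluating the ACL)
    # The logging line runs before the mark line and requires !too-high-recently,
    # so it emits one debug line per source when the limit is first crossed.
    #
    # NOTE(review): HAProxy's signatures are sc_gpc_rate(<idx>,<ctr>[,<table>])
    # and sc_inc_gpc(<idx>,<ctr>[,<table>]): the gpc array index comes first,
    # the tracked-counter id second. The generated rules numbered the second
    # argument (0,0 / 0,1 / 0,2), which points the second and third rule at
    # sc1 and sc2. Neither is tracked in the configuration shown, so those
    # rules would never see a mark and the 300s hold would not take effect.
    # Each rule now uses its own gpc index on sc0. This file is generated, so
    # the same change belongs in the requestctl template.

    ## per-ip-default-concurrency
    acl per-ip-default-concurrency_too-high-now sc0_trackers(httpreqrate) ge 500
    acl per-ip-default-concurrency_too-high-recently sc_gpc_rate(0,0,httpreqrate) gt 0
    acl per-ip-default-concurrency_mark-as-too-high sc_inc_gpc(0,0,httpreqrate)
    # per-ip-default-concurrency logging enabled
    http-request set-var(req.dummy) src,debug(silent-drop_for_300s/per-ip-default-concurrency) if per-ip-default-concurrency_too-high-now !per-ip-default-concurrency_too-high-recently
    # per-ip-default-concurrency mark: (logging OR enforcement) enabled
    http-request set-var(req.dummy) src if per-ip-default-concurrency_too-high-now per-ip-default-concurrency_mark-as-too-high
    # per-ip-default-concurrency enforcement enabled
    http-request silent-drop if per-ip-default-concurrency_too-high-recently

    ## per-ip-sussy-concurrency
    # Applies only to sources matching ipblock_known_sussy (ACL defined outside this excerpt).
    acl per-ip-sussy-concurrency_too-high-now sc0_trackers(httpreqrate) ge 50
    # gpc index 1 on sc0 (was index 0 on the untracked sc1)
    acl per-ip-sussy-concurrency_too-high-recently sc_gpc_rate(1,0,httpreqrate) gt 0
    acl per-ip-sussy-concurrency_mark-as-too-high sc_inc_gpc(1,0,httpreqrate)
    # per-ip-sussy-concurrency logging enabled
    http-request set-var(req.dummy) src,debug(silent-drop_for_300s/per-ip-sussy-concurrency) if ipblock_known_sussy per-ip-sussy-concurrency_too-high-now !per-ip-sussy-concurrency_too-high-recently
    # per-ip-sussy-concurrency mark: (logging OR enforcement) enabled
    http-request set-var(req.dummy) src if ipblock_known_sussy per-ip-sussy-concurrency_too-high-now per-ip-sussy-concurrency_mark-as-too-high
    # per-ip-sussy-concurrency enforcement enabled
    http-request silent-drop if ipblock_known_sussy per-ip-sussy-concurrency_too-high-recently

    ## per-ip-aws-concurrency
    # Applies only to sources matching ipblock_cloud_aws (ACL defined outside this excerpt).
    acl per-ip-aws-concurrency_too-high-now sc0_trackers(httpreqrate) ge 25
    # gpc index 2 on sc0 (was index 0 on the untracked sc2)
    acl per-ip-aws-concurrency_too-high-recently sc_gpc_rate(2,0,httpreqrate) gt 0
    acl per-ip-aws-concurrency_mark-as-too-high sc_inc_gpc(2,0,httpreqrate)
    # per-ip-aws-concurrency logging enabled
    http-request set-var(req.dummy) src,debug(silent-drop_for_300s/per-ip-aws-concurrency) if ipblock_cloud_aws per-ip-aws-concurrency_too-high-now !per-ip-aws-concurrency_too-high-recently
    # per-ip-aws-concurrency mark: (logging OR enforcement) enabled
    http-request set-var(req.dummy) src if ipblock_cloud_aws per-ip-aws-concurrency_too-high-now per-ip-aws-concurrency_mark-as-too-high
    # per-ip-aws-concurrency enforcement disabled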