2

I looked at mod_bandwidth and mod_cban but they dont seem to satisfy my requirements.

I am running a proxy server with apache 2.2 (mod_proxy, proxy_http, proxy_connect).

I want to limit the "upload speed of the client".

This is at the same time server download bandwidth, which should not limited.

I want it per connection or even better per IP.

To make it understandable: The use case is that I don't want bad people uplaoding bad data to bad places using my proxy server to "mask" themselves. Of course I have logs and everything but I want to safe the trouble and make it unattractive in the first place.

For better understanding here is a picture of my setup:

enter image description here

Of course the red arrow could also point to the upper left arrow.

I am currently thinking about starting apache two times on the same server on different ports and using ProxyRemote to send the request to the other proxy. So on the second proxy I can exclude localhost from the throttling. However I would still need a solution to limit incoming but not outgoing bandwidth. I could realise that with IPtables.

But honestly? There must be a better way. There just has to.

The Surrican
  • 29,118
  • 24
  • 122
  • 168
  • Have you considered putting a Squid server in front of your Apache? I think this is relatively lightweight and painless. The [delay pools](http://wiki.squid-cache.org/Features/DelayPools?highlight=%28delay_pools%29) feature seems it might be what you're looking for. – TomNysetvold Apr 15 '12 at 04:19

1 Answers1

3

Install mod_bw

Inside your virtualhost add:

BandWidthModule On
ForceBandWidthModule On
BandWidth 192.168.0.0/24 0  
BandWidth all 80000

Where 192.168.0.0/24 0 should be your IP and subnet rules. The 0 means it gets 0 throttling (local users get full speed, you could extend this to do things like a country, university, whatever). BandWidth all 80000 means everyone else is limited to 80 000 bytes/s.

Source.

Incognito
  • 20,537
  • 15
  • 80
  • 120