Apache 1.3 基于IP限制带宽

安装步聚:
   /usr/local/apache/bin/apxs -c -i -a mod_limitipconn.c 
   创建目录:
   mkdir  /tmp/apachebw
          /tmp/apachebw/link
          /tmp/apachebw/master

httpd.conf 添加:
ExtendedStatus On                             
  
<IfDefine HAVE_BANDWIDTH>
LoadModule bandwidth_module modules/mod_bandwidth.so
</IfDefine>
<IfDefine HAVE_BANDWIDTH>
AddModule mod_bandwidth.c
</IfDefine>

<IfModule mod_limitipconn.c>
<Location />
MaxConnPerIP 4
</Location>
</IfModule>
<IfModule mod_bandwidth.c>
BandWidthDataDir "/tmp/apachebw"
BandWidthModule on
#BandWidthPulse 2
</IfModule>
<Directory /usr/local/apache1.3/htdocs>
BandWidth 10.5.3.70 10000
#BandWidth all 100
</Directory>

-------------------------------------------------------

参考文档:
mod_limitipconn.c
David Jao <djao@dominia.org>
Proxy tracking by Jonathan J. Miner <miner@doit.wisc.edu>
Apache C module to limit the maximum number of simultaneous connections
per IP address. Allows inclusion and exclusion of files based on MIME
type.
Example configuration:

ExtendedStatus On
# Only needed if the module is compiled as a DSO
LoadModule limitipconn_module lib/apache/mod_limitipconn.so
AddModule mod_limitipconn.c
<IfModule mod_limitipconn.c>
    <Location /somewhere>
        MaxConnPerIP 3
        # exempting images from the connection limit is often a good
        # idea if your web page has lots of inline images, since these
        # pages often generate a flurry of concurrent image requests
        NoIPLimit image/*
    </Location>
    <Location /mp3>
        MaxConnPerIP 1
        # In this case, all MIME types other than audio/mpeg and video*
        # are exempt from the limit check
        OnlyIPLimit audio/mpeg video
    </Location>
</IfModule>
---------------------------------------------------------------------------
Notes:
  This module will not function unless mod_status is loaded and the
  "ExtendedStatus On" directive is set.
  The limits defined by mod_limitipconn.c apply to all IP addresses
  connecting to your Apache server. Currently there is no way to set
  different limits for different IP addresses.
  Connections in excess of the limit result in a stock 503 Service
  Temporarily Unavailable response. The job of returning a more useful
  error message to the client is left as an exercise for the reader.
  mod_limitipconn sets the LIMITIP environment variable to 1 whenever a
  download is denied on the basis of too high an IP count. You can use
  this variable to distinguish accesses that have been denied by this
  module. For example, a line like
      CustomLog /var/log/httpd/access_log common env=!LIMITIP
  in httpd.conf can be used to suppress logging of denied connections
  from /var/log/httpd/access_log. (Note that, if you want to do this,
  you'll probably also want to comment out the ap_log lines from
  mod_limitipconn.c to suppress error_log lines as well.)
Proxy client tracking
  By default, all clients behind a proxy are treated as coming from the
  proxy server's IP address. If you patch Apache with the included patch
  and configure with --with-forward and rebuild, the real IP addresses
  of clients behind proxies are correctly detected.  You will need to
  either compile statically or compile with -DRECORD_FORWARD.
  If you don't patch the server, DO NOT compile with RECORD_FORWARD
  defined. The module will still function, but it will not recognize
  clients behind proxies.
***************************************************************************************************************************
Mod_bandwidth documentation
Installation :
WARNING: It is very important to give the lowest priority to mod_bandwidth so other modules will have the time to do their job before the documents are transmited ! For that reason, it is important to follow those steps :

APACI installation
Copy the file mod_bandwidth.c to your Apache source directory.
Run the ./configure script with the following directives : --add-module=mod_bandwidth.c \
--permute-module=BEGIN:bandwidth
Compile and install Apache.
APXS installation
Compile the module with :
/path_to_apache/bin/apxs -c /path/mod_bandwidth.c -o /path_to_apache/libexec/mod_bandwidth.so
Add the following lines to your httpd.conf file :
LoadModule bandwidth_module libexec/mod_bandwidth.so
AddModule mod_bandwidth.c
Those directives should be placed at the begining of the list so that the module will be given the lowest priority and be executed after others modules.

Manual installation
Copy the file mod_bandwidth.c to the "src/modules/extra" directory of your Apache sources.
Copy the "src/Configuration.tmpl" file to "src/Configuration"
Edit the "src/Configuration" file and add near the begining :
AddModule modules/extra/mod_bandwidth.o
(This is the reverse of old Apache versions)
Run the "./Configure" script
Compile and install Apache
Create the needed directories and make sure that they are "read/write/execute" for the user under which Apache run. By default, mod_bandwidth use the following directories but they can be changed using the BandWidthDataDir configuration directive:
/tmp/apachebw
/tmp/apachebw/link
/tmp/apachebw/master
Note that if any of those directories doesn't exist, or if they can't be accessed by the server, the module is totaly disabled except for logging an error message in the logfile.
Be careful that on some systems the content of the /tmp directory is deleted at boot time or every so often by a cronjob. If that the case, either disable this feature or change the location of the directories used by the module using the BandWidthDataDir configuration directive.
Global configuration directives :

BandWidthDataDir
Syntax : BandWidthDataDir <directory>
Default : "/tmp/apachebw"
Context : server config
Sets the name of the root directory used by mod_bandwidth to store its internal temporary information. Don't forget to create the needed directories : <directory>/master and <directory>/link

BandWidthModule
Syntax : BandWidthModule <On|Off>
Default : Off
Context : per server config
Enable or disable totaly the whole module. By default, the module is disable so it is safe to compile it in the server anyway.
PLEASE, NOTE THAT IF YOU SET A BANDWIDTH LIMIT INSIDE A VIRTUALHOST BLOCK, YOU ALSO __NEED__ TO PUT THE "BandWidthModule On" DIRECTIVE INSIDE THAT VIRTUALHOST BLOCK !
IF YOU SET BANDWIDTH LIMITS INSIDE DIRECTORY BLOCKS (OUTSIDE OF ANY VIRTUALHOST BLOCK), YOU ONLY NEED TO PUT THE "BandWidthModule On" DIRECTIVE ONCE, OUTSIDE OF ANY VIRTUALHOST OR DIRECTORY BLOCK.

BandWidthPulse
Syntax : BandWidthPulse <microseconds>
Default :
Context : per server config
Change the algorithm used to calculate bandwidth and transmit data. In normal mode (old mode), the module try to transmit data in packets of 1KB. That mean that if the bandwidth available is of 512B, the module will transmit 1KB, wait 2 seconds, transmit another 1KB and so one.
Seting a value with "BandWidthPulse", will change the algorithm so that the server will always wait the same amount of time between sending packets but the size of the packets will change. The value is in microseconds. For example, if you set "BandWidthPulse 1000000" (1 sec) and the bandwidth available is of 512B, the sever will transmit 512B, wait 1 second, transmit 512B and so on.
The advantage is a smother flow of data. The disadvantage is a bigger overhead of data transmited for packet header. Setting too small a value (bellow 1/5 of a sec) is not realy useful and will put more load on the system and generate more traffic for packet header.
Note also that the operating system may do some buffering on it's own and so defeat the purpose of setting small values.
This may be very useful on especialy crowded network connection : In normal mode, several seconds may happen between the sending of a full packet. This may lead to timeout or people may believe that the connection is hanging. Seting a value of 1000000 (1 sec) would guarantee that some data are sent every seconds...

Directory / VirtualServer configuration directives
BandWidth
Syntax : BandWidth <domain|ip|all> <rate>
Default : none
Context : per directory, .htaccess
Limit the bandwidth for files in this directory and sub-directories based on the remote host <domain> or <ip> address or for <all> remote hosts.
Ip addresses may now be specified in the network/mask format. (Ie: 192.168.0.0/21 )
The <rate> is in Bytes/second. A <rate> of "0" means no bandwidth limit.
Several BandWidth limits can be set for the same directory to set different limits for different hosts. In this case, the order of the "BandWidth" keywords is important as the module will take the first entry which matches the client address.
Example :
<Directory /home/www>
BandWidth ecp.fr 0
BandWidth 138.195 0
BandWidth all 1024
</Directory>

This will limit the bandwith for directory /home/www and all it's subdirectories to 1024Bytes/sec, except for .ecp.fr or 138.195..where no limit is set.

LargeFileLimit
Syntax : LargeFileLimit <filesize> <rate>
Default : none
Context : per directory, .htaccess
Set a maximal <rate> (in bytes/sec) to use when transfering a file of <filesize> KBytes or more.
Several "LargeFileLimit" can be set for various files sizes to create range. The rate used for a given file size will be the one of the matching range.
A <rate> of "0" mean that there isn't any limit based on the size.
A <rate> of "-1" mean that there isn't any limit for that type of file. It's override even a BandWidth limit. I found this usefull to give priority to very small files (html pages, very small pictures) while seting limits for larger files... (users with their video files can go to hell !
Example :
If the following limits are set :
LargeFileLimit 200 3072
LargeFileLimit 1024 2048
That's mean that a file of less than 200KBytes won't be limited based on his size. A file with a size between 200KBytes (included) and 1023Kbytes (included) will be limited to 3072Bytes/sec and a file of 1024Kbytes or more will be limited to 2048Bytes/sec.

MaxConnection
Syntax : MaxConnection <connections>
Default : 0 (unlimited)
Context : per directory, .htaccess
Restrict the number of maximum simultanous connections. If the limit is reached, new connections will be rejected. A value of 0 mean that there isn't any limits.

MinBandWidth
Syntax : MinBandWidth <domain|ip|all> <rate>
Default : all 256
Context : per directory, .htaccess
Set a minimal bandwidth to use for transfering data. This over-ride both BandWidth and LargeFileLimit rules as well as the calculated rate based on the number of connections.
The first argument is used in the same way as the first argument of BandWidth.
<rate> is in bytes per second.
A rate of "0" explicitly means to use the default minimal value (256 Bytes/sec).
A rate of "-1" means that the minimal rate is equal to the actual rate defined by BandWidth and LargeFileLimit. In fact, that means that the final rate won't depend of the number of connections but only on what was defined.
Example :
If BandWidth is set to "3072" (3KBytes/sec) and MinBandWidth is set to "1024" (1KBytes/sec) that means :
- if there is one connection, the file will be transfered at 3072 Bytes/sec.
- if there is two connections, each files will be transfered at 1536 Bytes/sec.
- if there is three or more connections, each files will be transfered at 1024 Bytes/sec. (Minimal of 1024 Bytes/sec).
If MinBandWidth is set to "-1" that means :
- if there is one connection, the file will be transfered at 3072 Bytes/sec.
- if there is two or more connections, each files will be transfered at 3072 Bytes/sec. In effect, the rate doesn't depend anymore on the number of connections but only on the configuration values.
Note that the total transfer rate will never exceed your physical bandwidth limitation.
Note : If both a "BandWidth" and a "LargeFileLimit" limit apply, the lowest one will be used. (But never lower than the "MinBandWidth" rate)
If both a virtual server limit is defined and another apply for a directory under this virtual server, the directory limit will over-ride it.
If a limit is defined outside a Directory or VirtualHost directive, it will act as default on a per virtual server basis. (Ie: each virtual server will have that limit, _independantly_ of the other servers)
Runing Apache with mod_bandwidth :
For correct results, it is important that there isn't any "dead" links in the "link" directory of mod_bandwidth when you start the server.
It may be a good idee to run the "cleanlink.pl" script we provide to automaticaly remove dead links