Date: Fri, 17 Oct 2008 11:47:38 -0700 (PDT) From: mdh <mdh_lists@yahoo.com> To: David Karapetyan <david.karapetyan@gmail.com>, Jeremy Chadwick <koitsu@FreeBSD.org> Cc: freebsd-questions@freebsd.org, freebsd-ports@freebsd.org Subject: Re: Problem with www/mod_cband Message-ID: <468319.95459.qm@web56808.mail.re3.yahoo.com> In-Reply-To: <20081017175359.GA27396@icarus.home.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
--- On Fri, 10/17/08, Jeremy Chadwick <koitsu@FreeBSD.org> wrote: > From: Jeremy Chadwick <koitsu@FreeBSD.org> > Subject: Re: Problem with www/mod_cband > To: "David Karapetyan" <david.karapetyan@gmail.com> > Cc: freebsd-questions@freebsd.org, freebsd-ports@freebsd.org > Date: Friday, October 17, 2008, 1:53 PM > On Fri, Oct 17, 2008 at 12:57:41PM -0400, David Karapetyan > wrote: > > FreeBSD office19.resnet.nd.edu 7.0-RELEASE-p5 FreeBSD > 7.0-RELEASE-p5 #0: > > Wed Oct 1 10:10:12 UTC 2008 > > > root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC > i386 > > > > Hello everyone. Every time I try to use the mod_cband > module in my > > apache22 webserver, apache segfaults upon restart. > Things work fine when > > I disable the module from httpd.conf. Is this module > broken, and if so, > > what comparable alternatives are there? > > Be aware that mod_cband has quite a horrible bug. This is > a Debian bug > report, but the same problem applies to FreeBSD. Be sure > to read the > entire bug, not just the original report. > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=418645 > > Regarding alternatives: there aren't. Bandwidth > limiting is a > long-standing feature of Apache that's missing, which > is a huge > disappointment. > > The best solution I've found on FreeBSD is to use pf(4) > with ALTQ, > and give each VirtualHost its own IP address, then > rate-limit the IP > address using pf(4). Yes, I realise this is impractical > for sites > which have many vhosts and use name-based virtualhosts. > > Welcome to my world... IMHO, that solution is considerably sexier than what mod_cband claims to do (having read only pkg-descr). It seems possible, however, that mod_cband's functionality could be replicated by a simple script that watches the access log files and makes an update to a .htaccess file for the virtualhost when the virtualhost in question exceeds a given bandwidth limit which would be configured in the script. Think `tail -f`. Functionality is handled outside of apache so no danger of crashes. Just create the .htaccess in such a way that the end-user can't delete/modify it, and have it do a Redirect. For robustness' sake, move any existing .htaccess file to .htaccess.X and move it back when the virtualhost is back in compliance or paid up or whatever. - mdh __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?468319.95459.qm>