2014年5月10日 星期六

[轉貼] web server 設定對特定 IP 來源限速 XD

同個目的多種做法 XD

來源:
How to throttle the FCC to dial up modem speeds on your website using Nginx
https://gist.github.com/kyledrake/e6046644115f185f7af0




ferengi-plan.txt
12345678910111213141516171819202122232425262728293031323334353637

# The blog post that started it all: https://neocities.org/blog/the-fcc-is-now-rate-limited



#



# Current known FCC address ranges:



# https://news.ycombinator.com/item?id=7716915



#



# Confirm/locate FCC IP ranges with this: http://whois.arin.net/rest/net/NET-165-135-0-0-1/pft



#



# In your nginx.conf:







location / {







if ( $remote_addr ~* 192.133.125.0/24 ) {



limit_rate 3k;



}







if ( $remote_addr ~* 165.135.0.0/16 ) {



limit_rate 3k;



}







if ( $remote_addr ~* 192.104.54.0/24 ) {



limit_rate 3k;



}







if ( $remote_addr ~* 4.21.126.0/24 ) {



limit_rate 3k;



}







if ( $remote_addr ~* 65.125.25.64/26 ) {



limit_rate 3k;



}







if ( $remote_addr ~* 208.23.64.0/25 ) {



limit_rate 3k;



}







# put the serve files or proxy_pass code here.



}

=========================================================

apache
How to throttle the FCC to dial up modem speeds on your website using Apache.
https://gist.github.com/m1/e5f1f190ba309b500f0a


ferengi-apache.txt
1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677

# How to throttle the FCC to dial up modem speeds on your website using Apache.



 



# Ported from https://gist.github.com/kyledrake/e6046644115f185f7af0



 



## The blog post that started it all: https://neocities.org/blog/the-fcc-is-now-rate-limited



##



## Current known FCC address ranges:



## https://news.ycombinator.com/item?id=7716915



##



## Confirm/locate FCC IP ranges with this: http://whois.arin.net/rest/net/NET-165-135-0-0-1/pft



 



## For Apache 2.4.* and above



#



# 1) First, make sure you have Apache 2.4 or above. (In terminal: apache2 -v)



#



# 2) Enable the ratelimit module and reload apache2: sudo a2enmod ratelimit && sudo service apache2 reload



#



# 3) Copy and paste the text below into your site root .htaccess or your site .conf file:



 







    SetOutputFilter RATE_LIMIT



    SetEnv rate-limit 28
 
SetOutputFilter RATE_LIMIT
SetEnv rate-limit 28
 
SetOutputFilter RATE_LIMIT
SetEnv rate-limit 28
 
SetOutputFilter RATE_LIMIT
SetEnv rate-limit 28
 
SetOutputFilter RATE_LIMIT
SetEnv rate-limit 28
 
SetOutputFilter RATE_LIMIT
SetEnv rate-limit 28
 
SetOutputFilter RATE_LIMIT
SetEnv rate-limit 56
 
SetOutputFilter RATE_LIMIT
SetEnv rate-limit 56
 
## For Apache 2.2
#
# 1) First, you need mod_bw (On Ubuntu: sudo apt-get install libapache2-mod-bw)
#
# 2) Enable mod_bw and reload apache2: sudo a2enmod bw && sudo service apache2 reload
#
# 3) Copy and paste the text below into your site .conf file in between the tags (You can't do this in .htaccess as it's unsupported by the module)
 
BandWidthModule On
ForceBandWidthModule On
BandWidth 192.133.125.0/24 28
BandWidth 165.135.0.0/16 28
BandWidth 192.104.54.0/24 28
BandWidth 4.21.126.0/24 28
BandWidth 65.125.25.64/26 28
BandWidth 208.23.64.0/25 28
BandWidth 2620:0:610::/48 28
BandWidth 2600:803:230::/48 28


=========================================================


 DamnInteresting commented
For developers on LAMP stacks I offer the following .htaccess rules:

RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^192\.133\.125\. [OR]
RewriteCond %{REMOTE_ADDR} ^165\.135\. [OR]
RewriteCond %{REMOTE_ADDR} ^192\.104\.54\. [OR]
RewriteCond %{REMOTE_ADDR} ^4\.21\.126\. [OR]
RewriteCond %{REMOTE_ADDR} ^65\.125\.25\.(6[4-9]|[7-9]\d|10\d|11\d|12[0-7])$ [OR]
RewriteCond %{REMOTE_ADDR} ^208\.23\.64\.(\d|\d\d|11\d|12[0-7])$ [OR]
RewriteCond %{HTTP:X-Forwarded-For} ^192\.133\.125\. [OR]
RewriteCond %{HTTP:X-Forwarded-For} ^165\.135\. [OR]
RewriteCond %{HTTP:X-Forwarded-For} ^192\.104\.54\. [OR]
RewriteCond %{HTTP:X-Forwarded-For} ^4\.21\.126\. [OR]
RewriteCond %{HTTP:X-Forwarded-For} ^65\.125\.25\.(6[4-9]|[7-9]\d|10\d|11\d|12[0-7])$ [OR]
RewriteCond %{HTTP:X-Forwarded-For} ^208\.23\.64\.(\d|\d\d|11\d|12[0-7])$
RewriteRule ^(.*)$ /throttle.php?rate=3000 [L,QSA]
...where in this example throttle.php is a script that perhaps uses a combination of ob_start(), ob_get_clean() and sleep() to dribble the output. If you use the sleep() approach, be sure to use set_time_limit() to set a long execution time if you don't want PHP to exit at the default 30 seconds.

=========================================================


lighttpd
https://gist.github.com/ft11/34fb1974eb5aff8a36fd

ferengi-lighttpd.txt
1234567891011121314151617181920212223

# https://github.com/ft11/scripts/blob/master/lighttpd/README.md







$HTTP["remoteip"] == "192.133.125.0/24" {



server.kbytes-per-second = 14



}



$HTTP["remoteip"] == "165.135.0.0/16" {



server.kbytes-per-second = 14



}



$HTTP["remoteip"] == "192.104.54.0/24" {



server.kbytes-per-second = 14



}



$HTTP["remoteip"] == "4.21.126.0/24" {



server.kbytes-per-second = 14



}



$HTTP["remoteip"] == "65.125.25.64/26" {



server.kbytes-per-second = 14



}



$HTTP["remoteip"] == "208.23.64.0/25" {



server.kbytes-per-second = 14



}



$HTTP["remoteip"] == "79.248.169.164" {



server.kbytes-per-second = 14



}











=========================================================


For performance reasons, and with an increasing number of IP ranges, this ought to be a map though. Example (untested):
map $remote_addr $throttle_fcc {
        default 0;
        192.133.125.0/24 1;
        165.135.0.0/16 1;
        192.104.54.0/24 1;
        4.21.126.0/24 1;
        65.125.25.64/26 1;
        208.23.64.0/25 1;
}
And then
location / {
    if ($throttle_fcc == 1) {
        limit_rate 3k;
    }
}


@alexzeitgeist the if statement should only have one equals.
eg:
location / {
    if ($throttle_fcc = 1) {
        limit_rate 3k;
    }
}
張貼者:

沒有留言:

張貼留言

訂閱: 張貼留言 (Atom)

BloggerAds