Log in

No account? Create an account
Recent Entries Friends Archive Profile Tags My wildlife photography
Quick techie question: I'd like to enforce rate limiting to a total of 26K/s outbound on sftp connections. Is that supported by the daemon (a chroot-patched version running on 10.3.9), or would I be better off implementing that (how?) under Apache?

(There's no specific reason Ocelot's still running Panther rather than Tiger - basically just haven't had any need to change it, given Ocelot's only a secondary system now)
Say what? Engrish preeze! ;-)
It must be plain English already! Mac owners are inherently unaware of anything more technical than turning on their computers, after all. =:)

Gods, it's so nice to have all of perl, apache, python, ruby, ssh/sftp, Java, etc included as standard. A long way from the olden times, where such things would be distant ports, if available at all. It's something of a welcome return to the early days of home computing, where every system came with at least their own version of Basic, so any new user could hack away at programming, with no need to shell out for development tools.
The IBM XT that we had for a while (2x5.25" drives, green screen, Dos 4) would run a basic interpreter if it had no OS (i.e. no floppies)
Is this "sftp" as in the FTP-like protocol over SSH2, or "ftps",
the TLS/SSL enabled "real" FTP protocol on port 989/990. If
it's the 'sshd' protocol, then I've read blurbs on google that
people typically reconfigure sshd to run under inetd/xinetd and
use inetd to do the rate limiting. This could probably work
as well for ftpd, though some FTP servers, like proftpd, support
rate limiting natively.
inetd could do a fine job of rate-limiting the number of connections that can be outstanding at any time, but I don't think it can limit the amount of bandwidth that each connection would use.

The problem with sftp is that it occurs on the same port that ssh works on, so you can't shape sftp traffic without also shaping other ssh traffic.

Does MacOS include PF and ALTQ? If so, there's some traffic shaping capabilities there, though they are still somewhat new to me.

I don't think you can really do that with sftp or apache, though there is a mod for apache 1.3 (not 2.x) that lets you limit bandwidth. Other tools I've found can limit bandwidth for any process on your system. A search brought up this tool.
Mmm, otherwise, if you know the exact port number it'll be sending data out of, you could probably use CarraFix (originally written for Carracho / Hotline server throttling, but can potentially be used to throttle any outbound port)


Otherwise... I don't know..
Hey! You're alive! =^.-=

Mmm, I don't think I have a working hotline client anymore... nor do I remember where your server's located, if it's still up.
Heh! I do live, even if its a miserable huddled existance that involves one MMORPG or another. Uh, also, no hotline server, those days are long gone into the realm of pleasant nostalgia. But yeah, how goes it, this life?