Suggestions for a custom module, looking for a developer
Manlio Perillo
manlio_perillo at libero.it
Wed Jan 9 19:31:23 MSK 2008
Adrian ha scritto:
> Hello, I'm testing nginx and like it very much.
> To make it perfect for my needs I am thinking about having someone code a
> "third-party" module for me.
> If I get this done I'm obviously going to share it with the community, it's the
> least I can do to give something back.
>
This is always a good thing!
> Since if I can't get this module done I will have to use a commercial
> closed-source webserver, I am willing to pay a "bounty" for this module.
>
> I deeply apologize if this offends anyone, but since I know that a few open
> source projects are open to bounties and the majority accepts donations, I
> thought I'd ask.
>
No problem; you just need to contact someone that is able to write the
custom module.
You can look at http://wiki.codemongers.com/NginxModules, for someone
who has already written a module for nginx.
> I'd like to know how much should I expect to pay if I'm going to hire a coder
> for this module. If anybody knows of someone I should talk to to get this done
> please let me know.
>
It's not possible to estimate the price.
You need to ask to the coder you are going to hire.
> This module would have to help me with connection flooding and bandwidth
> limiting. Here is what I'd like the module to do.
>
> I'd like the module to be able to check for the following conditions:
> - A single IP address that has retrieved more than <param1> megabytes (in
> requests' bodies) in <param2> seconds.
> - A single IP address that sent more than <param3> requests in <param4> seconds.
>
> I think that there should be a parameter, <param5>, to define how many IP
> addresses, are to be kept in memory, in a FIFO fashion.
>
> Then if any of the above conditions is triggered I would like to have executed a
> list of custom commands, <param6>.
> It should also be possible to use the offending IP address as a parameter for
> the custom commands.
> In my case I would like to add a firewall rule to ban the offending IP and an
> email sent to the admin.
>
> I would also like the possibility to limit the total bandwidth usage for each IP
> in kbytes/sec.
>
> All of this should be doable at directory level, at worst at virtual host level.
>
Note that for all these requirements, you could use an external tool
that parses the access log file, and iptables for accounting.
> I know that nginx can limit the number of connections per IP and the speed for
> each connection but sadly this is not enough for me to handle abusers without
> hurting normal users' performance.
>
> Any consideration on such a module would be very appreciated.
> Please don't flame me if all this post seems rubbish to you :)
>
> Thank you!
>
Manlio Perillo
More information about the nginx
mailing list