I looked at mod_bandwidth and mod_cban but they dont seem to satisfy my requirements.

I am running a proxy server with apache 2.2 (mod_proxy, proxy_http, proxy_connect).

I want to limit the "upload speed of the client".

This is at the same time server download bandwidth, which should not limited.

I want it per connection or even better per IP.

To make it understandable: The use case is that I don't want bad people uplaoding bad data to bad places using my proxy server to "mask" themselves. Of course I have logs and everything but I want to safe the trouble and make it unattractive in the first place.

For better understanding here is a picture of my setup:

Of course the red arrow could also point to the upper left arrow.

I am currently thinking about starting apache two times on the same server on different ports and using ProxyRemote to send the request to the other proxy. So on the second proxy I can exclude localhost from the throttling. However I would still need a solution to limit incoming but not outgoing bandwidth. I could realise that with IPtables.

But honestly? There must be a better way. There just has to.

Install mod_bw

Inside your virtualhost add:

BandWidthModule On
ForceBandWidthModule On
BandWidth 192.168.0.0/24 0  
BandWidth all 80000

Where 192.168.0.0/24 0 should be your IP and subnet rules. The 0 means it gets 0 throttling (local users get full speed, you could extend this to do things like a country, university, whatever). BandWidth all 80000 means everyone else is limited to 80 000 bytes/s.

Source.