I asked a while ago for the ability to limit bandwidth per connection. The idea was to prevent a few heavy users from eating up all of the network bandwidth and degrading service for everyone. In my case, the service is engineered for dial-up users, so we don't want cable-modem or DSL users to use all of the bandwidth and starve the dial-up users. I realize that this is hard to do well, but I think I've done it well enough and quite simply. The idea is to sleep a variable amount after each packet either read from or written to the non-ssl socket. Pros: 1. really easy to implement. (See todo list for ways to do it even better) 2. works well to limit bandwidth used per connection. You never reach or exceed the speed limit, but you can come close. Cons: 1. it isn't a per user limit, so users who create additional connections get additional bandwidth. 2. if there are few users connected, bandwidth goes unused I've tested this with up to 256 simulated connections and it seems to work and doesn't degrade performance (much). Dave Warning: this patch is probably Solaris 2.6 and specific. If you have an implementation of nanosleep it might work for you. I used nanosleep because it works with PTHREADS without blocking the whole process. usleep might work if you aren't using PTHREADS and are forking. Warning: I had to add -lposix4 to line 22 of the generated Makefile to link in the implementation of nanosleep. Warning: the "speed limit" is hard-coded. If there is any interest I can make it a command line option, but if this patch has no utility for anyone I don't see the point. Warning: each nanosleep will be at least as long as specified, but may take up to one extra 'tick' of the kernel timing mechanism. So, don't try to get too fancy with tiny sleeps. Todo: handle return code from nanosleep. I ignore it here because failing to sleep in some cases is OK with me. Todo: use an inline delay routine instead of having the same code in two places? Todo: Since num ranges between 1 and 8192, build a lookup table of struct timespec's and index it by the value of num to save initializing the timespec each time?