@ermal:

Put a feature request for it in redmine.pfsense.org.

Sure, I'll be doing it ASAP.

Just that in pfSense its not so easy to monitor through ping since the icmp packets themselves are subject to throttling as well!

Yes, but they can still give an idea of the situation. Actually, it's more or less the same in Gargoyle, but the result is excellent.

While it can be given a thought in general just record it in redmine to have it always there when i find time to play with this option.

Ok! I'll be doing it. Thank you for your kind attention!

@turiyain:

The information is given below:

Version 2.0-RC3 (i386)
built on Tue Jun 21 16:50:25 EDT 2011

Ask if you need any other detail.

Regards,

VJ@@@//

@kalu:

oh that's great.
could you please let us know your
pfsene, squid and squidguard version information ?

oh yes. please tell me your squid and squidguard version.
Thanks

Here is a link that was quite informative to me about Layer 7 and protocols: http://l7-filter.sourceforge.net/protocols
Of course, a reading about regular expressions is a must.  Thanks Google!

@argyx - This doesn't work, all HTTP traffic is still getting dumped into qlandef, which by default receives 1% bandwidth from the wizard.

As I anticipated might happen, I figured it out through trial-and-error. I have limited understanding of linux/unix/freebsd & with the limited info I found (the definitive pfsense guide & http://doc.pfsense.org/index.php/Traffic_Shaping_Guide#Limiter) I couldn't figure it out. Sure enough its THIS simple:
setup two limiters (as suggested), apply to firewall rule (I did it to LAN). I knew that, however there are a few catches a newbie like me didn't catch:
1)you cannot set the Destination to WAN address (I believe because it will them pump it through WAN, bypassing the virtual dummynet limiters)
2)you HAVE to put the rule ABOVE the 'Default allow LAN to any rule'. Either that or simply modify that existing rule to add the in/out limiters

I was pulling my hair out. Sure enough it IS working in 3rd way I described above, where two or more people cannot reach past the set limiter. Right now I am testing the schedule-based aspect of this, crossing my fingers. I am sure some more knowledgeable people are giggling at me.

If anyone wants to chime-in the best way to setup some kind of content filter (without changing our existing DNS system) through pfSense my ears are open wide!

Also note to admin's again:
Broken link: http://files.pfsense.org/tutorials/squidguard/squidGuardQuick.htm on the main tutorial page: http://doc.pfsense.org/index.php/Tutorials

Side note to people use the schedules: you can't use a space in the name, it took me like 5min to figure out why it didn't like mine

You can run the traffic shaper wizard and select Priq as the algorithm, punch in your upload and download speeds (actual; not rated) accordingly.

Run through everything (no need to check anything).

You should have a simple priq parent queue for WAN and for LAN.

Go to Firewall -> Traffic Shaper.
Click 'LAN'.

Click 'Add New Queue'
Set priority to say 7.
Name it as qAck.

Add queue again.
Set Priority as 5.  Set as Default Queue.
Name it qDefault.

Add another queue.
Set Priority as 1.
Name it qLow.

Repeat for WAN tab.

Now go to Firewall -> Rules.
Click Lan tab.
Click the 'e' button beside the 'Default allow LAN to any rule'.
Scroll down till you find 'Ackqueue/Queue'.
Set to:  qAck/ qDefault
Click Save.

Now click the '+' sign beside the rule.
Go to 'Source'.  Change from 'LAN subnet' to 'Single Host or Alias'.  In the box below, fill in the IP address of the computer to throttle.
Scroll down to 'Ackqueue/Queue'.
Set to: none/qLow.
Rename the Description to 'Throttle Download'.
Click save.

In the LAN tab, you will now see both rules.  Check the box to the right of 'Throttle Download' then click the Arrow button beside 'Default allow LAN' rule to move the throttle rule above it.

Click Save.  This settles the upload throttling.

Now for download throttling.  This gets slightly trickier.
Click on 'Floating Rules' Tab.

Click Add new rule (+ button).
Check 'Apply the action immediately on match' box.
Under interface, choose WAN only.
Set direction to 'In'.
Set Protocol to Any.
Set Source to Any.
Set Destination to Single host with IP of the download machine.
Go down and set the queues to none/ qLow.
Set Description to 'Download throttle'.
Save the rule.

Under floating rules, duplicate this rule.
Change Destination to 'Lan subnet'.
Go down and set the queues to qAck/ qDefault.
Set Description to 'Default CatchAll'.
Save the rule.

No re-ordering is necessary.  Just click the save at the top of the page.

That should do the trick.

As far as i know, in PFsense u can only set speed limits with either captive portal or limiters. However if u need quota management, pfsense can't do it therefore u shall get something like daloradius and map it to pfsense to handle user and quota management. (server farm in ur house) :D

update 1
to be sure it is not related to squid . i used uTorrent to download some files which off-course will not go thoruth the squid  and yet the limiter didnot work.

by the way the rule created in firewall is for any for source/dest/ports/TCP-UDP