I have the rule setup on the lan side.  With a single host which is his ip and at the bottom theres a choice for a limiter and i added the inbound and outbound limiter.

At the top of the list.

When i get a chance today ill take some screen shots.

Limiters are assigned using firewall rules via the In/Out section under Advanced features.  Bittorrent can be very hard to trace because the torrent clients these days use encryption and that can't be handled by a layer7 rule.  You might be better off using an opposite approach where you elevate known traffic like web and mail, and all others can be limited or shaped.

The old pfsense shapper was one idea easy for configuration.

From what I understand, a limiter is just a dumb pipe that will limit all traffic routed to it to its maximum capacity, and not per client/server.  IN on the WAN interface means traffic coming from the Internet, OUT means traffic destined to the Internet.  Set your OUT to 10MB/s, set rules to move your server WAN traffic to the limiter, put them under load and see it it holds steady at ~10MB.

Don't be concerned about packet drops.  When you have an active shaper in place, drops are expected when the router is under load.  You want packets from your lower-priority queues to get dumped in favour of packets from higher queues when there is contention or service guarantees to maintain.  That's how the whole thing works.  If you don't have any drops, you likely don't even need traffic shaping at all.

per second

I want to Limit all my servers behind the DMZ .

So i have server A server B and server C . what is the best Way to limit the inbound and outbound traffic to a max of 50MB per server.

First step would be to post this in the Packages forum where it belongs.

Start here: https://doc.pfsense.org/index.php/Setup_Squid_as_a_Transparent_Proxy

Come back if you have questions or problems.

Not that I'm aware of, but if you went into more detail about your requirements and how you configured it, perhaps people can help.

I've seen this too, where the bandwidth totals seem really off.

A traffic shaper will try to provide service for your queues.  It will only throttle a connection if it needs bandwidth for higher-priority connections.  If you want to put a hard cap in place, you need a limiter.

Sounds like to me you already have a fix , make the NIC E1000.  I dont know what a virtio nic is but it seems similar to VMXNET3 so I am guessing it is a driver issue of some kind. And if it is running as a VM - you might check the other forum for some answers.

Thank you for the answer. I found one scenario.. its shape well the traffic but found  that the P2P traffic is shaped whit other lower limits. The limits are 5 MB download, 2 MB Upload. When  start a torrent its take 460 kb/s for download and upload is only 0,5 kb/s. I tray several torrents and i am sure that they have lot of pears.

Way's that whit P2P traffic? :( No other limits added .

Here is a link to my posts on what I do for LAN Parties with PFSense:

https://forum.pfsense.org/index.php?topic=77388.0

Feel free to use any of the configs and tweak them as needed.

hi abbj, i have the same problems!

Do you have resolved?

regards

Well, I enabled RTP debugging on siproxd and telnet'ed to the debug port. I tried an extension routed through siproxd. it was not routed to the qVOIP. But on the RTP debug, I noticed that the UDP port my Polycom 650 was originating with 2224. It hit me that the Polycom default UDP port for RDP was 2222 (from past experience). So, for grins, I rolled it up to 7070 (the starting port for siproxd on my end) and tried the call again. still nothing. But in further examination, I noticed that the destination UDP port that siproxd was using for my remote Asterisk server was 12478 (outside the siproxd specified range of 7070-7099). The originating port siproxd used was 7076 (within the range). Now, i have static ports set for outbound NAT. But, siproxd is side-stepping NAT, so I guess it negotiates with the remote, and the Asterisk server's range is 10000-20000. So, on a hunch, I expanded the floating qVOIP outbound rule to cover UDP 7070-20000. Damned if that didn't do the trick! Now, my SIP and RTP routed through through siproxd is being routed into qVOIP. I am going to keeping investigating it further, but this must be why it was not matching the qVOIP rule. FYI!

Sorry for my dyslexia. it is HFSC. :) 
I will look at PRIQ. The other methods are a little complicated, but I don't really have a problem with them.