Transparent proxy + limiters are not working
-
Hello everyone! I have pfsense 2.6 with a single interface (WAN with the address 192.168.20.10). squid + squidguard are working on it, and squid works as a transparent proxy with ssl mitm enabled (splice all mode).
pfsense is located behind the mikrotik in the same network. A rule has been created on the mikrotik (which is the default gateway for users and has internet access) that wraps traffic on ports 80 and 443 to pfsense:
ip firewall mangle add action=route chain=prerouting dst-port=80,443 passthrough=yes protocol=tcp route-dst=192.168.20.10 src-address-list=webproxy_users
And everything works fine: if I add a user's address to the webproxy_users list on the mikrotik, then they get Internet access without additional browser settings, squidguard blocks "bad" URLs, information gets into the lightsquid statistics; in general, everything is fine.
But two limiters of 30 megabits per upload-download are configured, plus the corresponding rule in the firewall. And with this scheme, the limiters don't work. If I write the address and port of pfsense in the browser (192.168.20.10:3128 without auth), then the limiter works. If I switch squid to non-transparent mode with authorization, then, of course, it also works.
But I want it to be completely transparent and with shaping; since pfsense cannot limit the amount of traffic, then at least cut the bandwidth. What am I doing wrong, please tell me? Maybe it will not work because pfsense is NOT a default gateway?