Transparent Squid Ignores Bandwidth Limiter Rules



  • Hello, thanks in advance.  I have pretty simple set up (one LAN, one WAN) with up/down limiter rules and they work great on my LAN firewall rules to limit total 80 and 443 traffic for hundreds of public wifi users.  But when I install the squid or squid3 package then no limiter rules are obeyed and the public wifi users use all the internet bandwidth, even before I turn on "transparent".  I tried 32bit and 64 bit latest pfsense versions.  I tried all kinds of rules plus floating rules.  I tried limiting bandwidth in one of the squid tabs there is a box for limit total bandwidth but it didn't seem to work.  I've tried many things for hours but cannot get it to work.  Whenever a squid package is installed I can't seem to limit total bandwidth…it's probably something obvious but I just don't know.  If anybody has any tips that'd be great, thanks.



  • I have the same problem. I kind of gave up…

    But I hope there is a solution.

    I tried several rules with Limiter, but in practice nothing works.
    Also tried with Squid Delay Pools, but neither worked. If you have any luck please share...



  • @pierre_rs:

    I have the same problem. I kind of gave up…

    But I hope there is a solution.

    I tried several rules with Limiter, but in practice nothing works.
    Also tried with Squid Delay Pools, but neither worked. If you have any luck please share...

    After much frustration the following seems to work.  Say you have 1 WAN and 1 LAN interface:  turn on squid3 package then make 2 new WAN floating (not LAN) firewall rules with any/any as source and destination and "any" for traffic type (tcp, udp, etc).  Make one firewall rule "in" direction and the other "out" direction.  Note that when you make the "out" firewall rule you will be prompted to choose a Gateway which is in the bottom section near the limiter, choose your WAN gateway from the dropdown.  Then place limiters on both of these floating firewall rules.  The limiters are set up and customized in the Traffic Shaper > Limiter area.  There's probably a more refined/elegant way to do it but this seems to work for now for my simple 1 LAN / 1 WAN set up.  Hope this helps someone and thanks to the TechSnap podcast for answering this question for me.  Too bad the "total bandwidth limit" on the squid options doesn't seem to work unless I'm missing something.



  • Thanks for sharing …

    Soon I'll try that!



  • Hi, did it work pierre_rs?