Why not change your topology so that you have Firewall----------------->Shaper-------------->Proxy------------->Internet This way you have more control over the traffic. Admittedly, you are not truly shaping the total bandwidth available to you (some of the traffic will be returning to your clients from the proxy without ever going out to the internet) but maybe with some tweaking of the traffic shaping you can allow for this ? Leigh > Hell everybody, > Yesterday I faced a problem with the shaper I use. Here's my topology > and I'll describe the problem later after the topology. > > > 10.0.1.0 /24 10.0.1.100 eth0 > eth1 eth0 10.0.1.1 eth1 > +-------------+ +-------------+ +------------------+ > +--------------+ > | Internal | | | | Traffic shaper | > | | > | Network |-------------->| Squid proxy |---->| Bridge > |------>| Firewall | > | | | | | | > | | > +-------------+ +-------------+ +------------------+ > +--------------+ > > Well this is the http and ftp traffic flow on my netwrok. Some of my > users used to download huge files from the web. > Is there any way to slow down specific IP addresses even if they conect > through the proxy ?? > For example I want to slow down the requests made from 10.0.1.51 but > only that host. If I apply a filter for that IP it does not make any > sense cause in fact the proxy is making the connection for that host. > Has anybody else faced this problem ? > Any ideas or suggestions ? > > _______________________________________________ > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >
