Hello all,

I am new to the list, but I have spent some time searching the archives and the internet at large for an answer to my question.

Background: I run Squid with SquidClamAV on an internal machine with one Ethernet interface – all traffic to and from squid flows over this. This system is not a gateway, and it cannot be the gateway.

Using this example http://www.lartc.org/howto/lartc.cookbook.ultimate-tc.html#AEN2233 and adjusting the settings to 75% of our down and upstream bandwidth, and to use eth0, works very well for managing web traffic – as expected, downloads get equal bandwidth, and web browsing can continue without significant slowdowns. However, this also manages everything else on eth0 with these limits, which is not ideal.

What I want to achieve is to have the traffic control applied to traffic to/from the internet (ports 80 and 443 for example), but not locally between squid and other machines on the local network.

I assume this could be done with some iptables rules, but I'm not very experienced with combining iptables and tc together. Every example I can find assumes you are running squid on the gateway with two interfaces and using iptables to do “transparent” caching. This is not what I'm doing.

Thanks,
Lonney.