Hello Mark, Wednesday, October 15, 2003, 10:15:07 PM, you wrote: MB> Im running a HFSC setup with a squid server hosted on the same machine. I MB> am having problems putting this traffic in a queue. So I decided to make MB> it a transparent proxy. On my pf I tagged the packets on the internal MB> interface comming into the squid server then tried to match it on the MB> external interface. This doesnt work because the internal tags gets lost MB> when squid makes the request to fetch the object..
MB> Anybody have any idea's? Maybe even a completely new solution? Okay, here are my bits: 1) If I understand you correct (based on what has been said later as well), you don't want different queues (=tags) for different src hosts? If that is the case you can just queue the outgoing traffic originating from user "squid". 2) If that is not the case, afaik does squid have a built-in solution for rate limiting called "pools" (or somethink alike, check the online docs.) 3) If you want to use the ALTQs, get squid set the tos/qos bits and queue based on that information (good luck hacking squid). 4) iirc there was an ident patch for squid essentially doing something like: Request from IP 1.2.3.4 -> If we have to make a net connection use user xyz. With that patch applied you can use 1). Good luck. Sorry that I can't point at urls. And a general note on what you said about the tos bits: In normal operation does Squid not forward any traffic (=packets) from the client to the server. It forms new request lines to get the data it needs, hence you won't see tos bits on these packets. Let aside that you usually don't want a proxy user to decide what tos his webrequest is. ;) -- Best regards, Max mailto:[EMAIL PROTECTED]
