I don't know much about this but had the same problem a while ago,
I know you can have ACL (Access control lists) for your users, and also you may use the "Delay pools" feature of your Proxi ( squid ) to kind of manage the bandwidth.
This is if you may want to give some restricted lowbandwidth access to some users.
you may either place static ip addresses or filter via the mac address of each station with iptables, and block ftp and smtp ports with iptables aswell, either for all or for some mac addresses too.
For example we blocked all web, smtp, ftp ports to go directly through the firewall, so anyone who want's to go out must go through the proxy.
you will definately find answers to this very common questions by searching the forum
I'm sorry didn't answer your especific question but hope this helps somehow
Last edited by mfeoli; 04-12-2005 at 02:36 PM.