LinuxQuestions.org
07-25-2013, 11:33 PM   #1
varan
LQ Newbie
 
Registered: Sep 2012
Posts: 22

Rep: Reputation: Disabled
squid configuration question


I have internet speed of 8mb and installed squid proxy server as well as transparent on CentOS 5.6, i.e.
http_port 10.10.10.10:3128 transparent
It's working properly for all my clients. Now I want to separate my clients' browsing speed, bandwidth control, and website restrictions. I want to make a pool of IPs, for example:

1) 10.10.1.1 to 10.10.1.255 can access the internet without restriction, as they are my senior staff, and can use bandwidth of 4mb from 8mb with no websites blocked

2) The rest of my clients can browse the internet with 1mb bandwidth, and they cannot use Facebook, Orkut, Twitter, YouTube, and messengers like Yahoo, Skype, online video streaming, and mp3 downloading or playing online

3) All my clients cannot use P2P (torrent downloading)

4) If one of my clients asks permission for an IP which is free from all restrictions, how will I allow him?

Currently my squid config file is simple, with just

http_port 10.10.10.10:3128 transparent
http_access allow all
visible_hostname idirao-server

I have the iptables commands
iptables -t nat -A POSTROUTING -o eth- -j MASQUERADE
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 10.10.10.10:3128

Please help me out
 
07-27-2013, 07:27 AM   #2
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 26,635

Rep: Reputation: 7965
Quote:
Originally Posted by varan
I have internet speed of 8mb and installed squid proxy server as well as transparent on CentOS 5.6, i.e.
http_port 10.10.10.10:3128 transparent
It's working properly for all my clients. Now I want to separate my clients' browsing speed, bandwidth control, and website restrictions. I want to make a pool of IPs, for example:

1) 10.10.1.1 to 10.10.1.255 can access the internet without restriction, as they are my senior staff, and can use bandwidth of 4mb from 8mb with no websites blocked

Put those users into their own ACL group that has no restrictions
Quote:
2) The rest of my clients can browse the internet with 1mb bandwidth, and they cannot use Facebook, Orkut, Twitter, YouTube, and messengers like Yahoo, Skype, online video streaming, and mp3 downloading or playing online

Set up a second ACL group with a delay pool and a blacklist of those sites
Quote:
3) All my clients cannot use P2P (torrent downloading)

...and Squid can't block torrents AT ALL. This has been covered on here many times. You can block the .torrent filetype from being downloaded, but you can't block someone from copying the URL and pasting it into a torrent client. You need a layer-7 filter.
Quote:
4) If one of my clients asks permission for an IP which is free from all restrictions, how will I allow him?

You modify the ACL the client is in. Based on what you have posted, you'll have two ACLs... one for senior staff, and another for everyone else. If you have someone ask permission, and they're NOT senior staff, the answer would then be 'no', wouldn't it?
Quote:
Currently my squid config file is simple, with just

http_port 10.10.10.10:3128 transparent
http_access allow all
visible_hostname idirao-server

I have the iptables commands
iptables -t nat -A POSTROUTING -o eth- -j MASQUERADE
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 10.10.10.10:3128

Please help me out

You need to start by reading the squid documentation, and looking up one of the MANY, easily-found guides on setting up ACLs.
http://wiki.squid-cache.org/SquidFaq/SquidAcl
 
07-31-2013, 04:45 AM   #3
varan
LQ Newbie
 
Registered: Sep 2012
Posts: 22

Original Poster
Rep: Reputation: Disabled
I have a range of IP addresses and I want to make ACLs as follows:

IP range from 10.0.1.1 to 10.0.1.255 can browse the internet, and

IP range from 10.0.2.1 to 10.0.5.255 cannot browse the internet. I have made the ACLs as
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
acl my-clients src 10.0.1.1/8 10.0.1.255/8
acl bound src 10.0.2.1/8 10.0.5.255/8
http_access allow my-clients
http_access deny bound
http_access deny all

# Example rule allowing access from your local networks. Adapt
# to list your (internal) IP networks from where browsing should
# be allowed

and when I restart squid the following error occurs
[root@idirao ~]# service squid restart
Stopping squid: 2013/07/31 12:06:29| aclParseIpData: WARNING: Netmask masks away part of the specified IP in '10.0.1.1/8'
2013/07/31 12:06:29| aclParseIpData: WARNING: Netmask masks away part of the specified IP in '10.0.1.255/8'
2013/07/31 12:06:29| WARNING: '10.0.0.0/255.0.0.0' is a subnetwork of '10.0.0.0/255.0.0.0'
2013/07/31 12:06:29| WARNING: because of this '10.0.0.0/255.0.0.0' is ignored to keep splay tree searching predictable
2013/07/31 12:06:29| WARNING: You should probably remove '10.0.0.0/255.0.0.0' from the ACL named 'my-clients'
2013/07/31 12:06:29| aclParseIpData: WARNING: Netmask masks away part of the specified IP in '10.0.2.1/8'
2013/07/31 12:06:29| aclParseIpData: WARNING: Netmask masks away part of the specified IP in '10.0.5.255/8'
2013/07/31 12:06:29| WARNING: '10.0.0.0/255.0.0.0' is a subnetwork of '10.0.0.0/255.0.0.0'
2013/07/31 12:06:29| WARNING: because of this '10.0.0.0/255.0.0.0' is ignored to keep splay tree searching predictable
2013/07/31 12:06:29| WARNING: You should probably remove '10.0.0.0/255.0.0.0' from the ACL named 'bound'
. [ OK ]
Starting squid: . [ OK ]


Both my IP ranges can browse the internet. What should I do so that ACL my-clients can browse the internet and ACL bound cannot browse?
 
07-31-2013, 08:33 AM   #4
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 26,635

Rep: Reputation: 7965
Quote:
Originally Posted by varan
I have a range of IP addresses and I want to make ACLs as follows:

IP range from 10.0.1.1 to 10.0.1.255 can browse the internet, and

IP range from 10.0.2.1 to 10.0.5.255 cannot browse the internet. I have made the ACLs as
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
acl my-clients src 10.0.1.1/8 10.0.1.255/8
acl bound src 10.0.2.1/8 10.0.5.255/8
http_access allow my-clients
http_access deny bound
http_access deny all

# Example rule allowing access from your local networks. Adapt
# to list your (internal) IP networks from where browsing should
# be allowed

and when I restart squid the following error occurs
[root@idirao ~]# service squid restart
Stopping squid: 2013/07/31 12:06:29| aclParseIpData: WARNING: Netmask masks away part of the specified IP in '10.0.1.1/8'
2013/07/31 12:06:29| aclParseIpData: WARNING: Netmask masks away part of the specified IP in '10.0.1.255/8'
2013/07/31 12:06:29| WARNING: '10.0.0.0/255.0.0.0' is a subnetwork of '10.0.0.0/255.0.0.0'
2013/07/31 12:06:29| WARNING: because of this '10.0.0.0/255.0.0.0' is ignored to keep splay tree searching predictable
2013/07/31 12:06:29| WARNING: You should probably remove '10.0.0.0/255.0.0.0' from the ACL named 'my-clients'
2013/07/31 12:06:29| aclParseIpData: WARNING: Netmask masks away part of the specified IP in '10.0.2.1/8'
2013/07/31 12:06:29| aclParseIpData: WARNING: Netmask masks away part of the specified IP in '10.0.5.255/8'
2013/07/31 12:06:29| WARNING: '10.0.0.0/255.0.0.0' is a subnetwork of '10.0.0.0/255.0.0.0'
2013/07/31 12:06:29| WARNING: because of this '10.0.0.0/255.0.0.0' is ignored to keep splay tree searching predictable
2013/07/31 12:06:29| WARNING: You should probably remove '10.0.0.0/255.0.0.0' from the ACL named 'bound'
. [ OK ]
Starting squid: . [ OK ]
Both my IP ranges can browse the internet. What should I do so that ACL my-clients can browse the internet and ACL bound cannot browse?

So did you read what you posted??? Squid is telling you there are problems with your syntax, and is even telling you what to remove (see the bolded part). Doesn't get much more clear than that. You're specifying your addresses incorrectly...go back and read the documentation again.
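
The warnings quoted above, worked through as an added example (not code from either poster or from Squid): with a `/8` mask all four `src` entries collapse to 10.0.0.0/8, so `http_access allow my-clients` matches every 10.x.x.x client before `deny bound` is ever reached. The helper names, the sample client addresses and the rounding of `.1` down to `.0` are assumptions made for this sketch.

```python
import ipaddress

def squid_normalise(entry):
    """Network an 'addr/len' src entry becomes once the mask is applied."""
    return ipaddress.ip_network(entry, strict=False)

def whole_subnets(first, last):
    """CIDR blocks covering first..last. Assumption: 'first' is rounded down
    to x.x.x.0, i.e. the poster's '.1' means 'first host of that /24'."""
    start = ipaddress.ip_address(int(ipaddress.ip_address(first)) & ~0xFF)
    end = ipaddress.ip_address(last)
    return list(ipaddress.summarize_address_range(start, end))

def first_match(rules, acls, client):
    """http_access is evaluated top-down; the first matching rule decides."""
    ip = ipaddress.ip_address(client)
    for action, name in rules:
        if name == "all" or any(ip in net for net in acls[name]):
            return action
    return "deny"  # not reached here: the rule list ends with 'deny all'

def acl_line(name, nets):
    """Render an ACL the way it would be written in squid.conf."""
    return "acl %s src %s" % (name, " ".join(str(n) for n in nets))

# Rule order exactly as posted in the thread.
RULES = [("allow", "my-clients"), ("deny", "bound"), ("deny", "all")]

# The posted entries, after masking: every one of them is 10.0.0.0/8.
POSTED = {
    "my-clients": [squid_normalise(e) for e in ("10.0.1.1/8", "10.0.1.255/8")],
    "bound": [squid_normalise(e) for e in ("10.0.2.1/8", "10.0.5.255/8")],
}

# The same two ranges expressed as subnets that do not overlap.
CORRECTED = {
    "my-clients": whole_subnets("10.0.1.1", "10.0.1.255"),
    "bound": whole_subnets("10.0.2.1", "10.0.5.255"),
}

if __name__ == "__main__":
    for label, acls in (("posted", POSTED), ("corrected", CORRECTED)):
        print("#", label)
        for name, nets in acls.items():
            print(acl_line(name, nets))
        for client in ("10.0.1.20", "10.0.3.7", "10.0.9.9"):  # constructed clients
            print("  %-10s -> %s" % (client, first_match(RULES, acls, client)))
```

Running `squid -k parse` after editing squid.conf shows these warnings without restarting the service.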
 
09-30-2013, 01:03 AM   #5
varan
LQ Newbie
 
Registered: Sep 2012
Posts: 22

Original Poster
Rep: Reputation: Disabled
I was previously in an organization where only 10 to 15 systems were present, and now I have shifted to a new organization where the number of systems is around 500. I have the idea of my previous simple installation of CentOS and configuration, that is, I have the idea of MASQUERADE and the iptables command to bring my eth1 local systems to my squid proxy server.
Now, as the number of PCs has increased, this needs more traffic on my eth0 card, meaning more internet load will be on my CentOS server. So what should I do now? I have basic squid settings as

1. visible_hostname
2. acl my-clients src
http_allow my-clients
3. cache_mgr mynanme
4.http_proxy my proxy

Will anybody guide me in detail on what more I will need so that the server will be up 24/7 and there will be no problem of it hanging, not working, or being overloaded? What cache and what steps are necessary to keep my server active all the time?
 
  

