Hi Shorewall Im a little out of my depth but we use the script below to rate limit incoming traffic from youtube, I would like to implement this with Shorewall but do not know how. Any advice appreciated tc qdisc del dev eth0 root tc qdisc add dev eth0 root handle 1: htb tc class add dev eth0 parent 1: classid 1:1 htb rate 10240mbit tc class add dev eth0 parent 1:1 classid 1:5 htb rate 40mbit ceil 40mbit prio 0 tc filter add dev eth0 parent 1:0 prio 1 protocol ip handle 5 fw flowid 1:5 iptables -I POSTROUTING -t mangle -s r1---sn-55goxu-ntqe.googlevideo.com -j MARK --set-mark 5 iptables -I POSTROUTING -t mangle -s r2---sn-55goxu-ntqe.googlevideo.com -j MARK --set-mark 5 iptables -I POSTROUTING -t mangle -s r3---sn-55goxu-ntqe.googlevideo.com -j MARK --set-mark 5 iptables -I POSTROUTING -t mangle -s r4---sn-55goxu-ntqe.googlevideo.com -j MARK --set-mark 5 iptables -I POSTROUTING -t mangle -s r1---sn-ntq7en7y.googlevideo.com -j MARK --set-mark 5 iptables -I POSTROUTING -t mangle -s r2---sn-ntq7en7y.googlevideo.com -j MARK --set-mark 5 iptables -I POSTROUTING -t mangle -s r3---sn-ntq7en7y.googlevideo.com -j MARK --set-mark 5 iptables -I POSTROUTING -t mangle -s r4---sn-ntq7en7y.googlevideo.com -j MARK --set-mark 5 cheers Steve ------------------------------------------------------------------------------ Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce. With Perforce, you get hassle-free workflows. Merge that actually works. Faster operations. Version large binaries. Built-in WAN optimization and the freedom to use Git, Perforce or both. Make the move to Perforce. http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk