i write iptables rules for limit bandwidth download/upload per computer with ip address and mac address ,using tc for limit bandwidth in this below

# Generated by iptables-save v1.3.5 on Mon Dec 17 15:38:29 2007
*nat
:PREROUTING ACCEPT [587813:57358942]
:POSTROUTING ACCEPT [5:264]
:OUTPUT ACCEPT [547434:34852976]
-A PREROUTING -i eth1 -p tcp -m mark --mark 0x1 -m tcp --dport 80 -j REDIRECT --to-ports 80
-A PREROUTING -i eth+ -p tcp -m mark --mark 0x1 -m tcp --dport 3128 -j DROP
-A PREROUTING -i eth1 -p tcp -m mark ! --mark 0x1 -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A POSTROUTING -j MASQUERADE
COMMIT
# Completed on Mon Dec 17 15:38:29 2007
# Generated by iptables-save v1.3.5 on Mon Dec 17 15:38:29 2007
*mangle
:PREROUTING ACCEPT [7902558:1901605982]
:INPUT ACCEPT [13620050:6547400706]
:FORWARD ACCEPT [1320372:638137686]
:OUTPUT ACCEPT [13786688:7871109275]
:POSTROUTING ACCEPT [14923694:8497909815]
:maccheck - [0:0]
-A PREROUTING -i eth1 -p tcp -m tcp ! --dport 53 -j maccheck
-A PREROUTING -i eth+ -p udp -m mark ! --mark 0x1 -m udp -j ACCEPT
-A PREROUTING -i eth+ -p tcp -m mark ! --mark 0x1 -m tcp -j ACCEPT
-A PREROUTING -s 192.168.1.134 -i eth+ -m mac --mac-source 00:1C:26:00:4C:E6 -j MARK --set-mark 0x87
-A maccheck -j MARK --set-mark 0x1
COMMIT
# Completed on Mon Dec 17 15:38:29 2007
# Generated by iptables-save v1.3.5 on Mon Dec 17 15:38:29 2007
*filter
:INPUT ACCEPT [8656558:4025985541]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [4722325:828302042]
:d-band - [0:0]
:u-band - [0:0]
-A INPUT -m string --string "BitTorrent protocol" --algo kmp --to 65535 -j LOG --log-prefix " BitTorrent protocol-INPUT "
-A INPUT -m string --string "BitTorrent protocol" --algo kmp --to 65535 -j DROP
-A INPUT -m string --string "peer_id" --algo kmp --to 65535 -j LOG --log-prefix " peer_id-INPUT "
-A INPUT -m string --string "peer_id" --algo kmp --to 65535 -j DROP
-A INPUT -i eth+ -p tcp -m tcp --dport 1234 -j DROP
-A FORWARD -s 63.236.61.128/255.255.255.224 -i eth+ -p tcp -m tcp -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -m layer7 --l7proto bittorrent -j LOG --log-prefix " Layer7-FORWARD "
-A FORWARD -p udp -m layer7 --l7proto bittorrent -j DROP
-A FORWARD -p tcp -m layer7 --l7proto bittorrent -j DROP
-A FORWARD -m layer7 --l7proto bittorrent -j DROP
-A FORWARD -m ipp2p --bit -j LOG --log-prefix " ipp2p-FORWARD "
-A FORWARD -p udp -m ipp2p --bit -j DROP
-A FORWARD -p tcp -m ipp2p --bit -j DROP
-A FORWARD -m ipp2p --bit -j DROP
-A FORWARD -m string --string "peer_id" --algo kmp --to 65535 -j LOG --log-prefix " peer_id-FORWARD "
-A FORWARD -m string --string "peer_id" --algo kmp --to 65535 -j DROP
-A FORWARD -m string --string "BitTorrent" --algo kmp --to 65535 -j LOG --log-prefix " BitTorrent-FORWARD "
-A FORWARD -m string --string "BitTorrent" --algo kmp --to 65535 -j DROP
-A FORWARD -m string --string "BitTorrent protocol" --algo kmp --to 65535 -j LOG --log-prefix " BitTorrent_Protocol-FORWARD "
-A FORWARD -m string --string "BitTorrent protocol" --algo kmp --to 65535 -j DROP
-A FORWARD -s 192.168.1.134 -j u-band
-A FORWARD -s 192.168.1.134 -i eth+ -m mac --mac-source 00:1C:26:00:4C:E6 -j ACCEPT
-A FORWARD -d 192.168.1.134 -j d-band
-A FORWARD -i eth1 -p tcp -m tcp ! --dport 80 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i eth1 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -d 192.168.1.134 -j d-band
-A d-band -j ACCEPT
-A u-band -j ACCEPT
COMMIT
# Completed on Mon Dec 17 15:38:29 2007

********************************************
TC eth1
********************************************
qdisc cbq 1: rate 100000Kbit (bounded,isolated) prio no-transmit
qdisc tbf 135: parent 1:135 rate 128000bit burst 10Kb lat 320.0ms

********************************************
TC eth0
********************************************
qdisc cbq 1: rate 100000Kbit (bounded,isolated) prio no-transmit
qdisc tbf 135: parent 1:135 rate 64000bit burst 10Kb lat 640.0ms

i using speed test on web speedtest. it's not working with limit upload bandwidth(port 80 upload).it's not limit upload???

but i test another program sush as ftp,bittorrent (not use port 80 upload) it's work perfectly.

and i try to remove iptables transparent proxy rules (user surf internet without squid proxy)
*****************************************
-A PREROUTING -i eth1 -p tcp -m mark ! --mark 0x1 -m tcp --dport 80 -j REDIRECT --to-ports 3128
*****************************************
it's Working ?????? upload port 80 that it's can limit.


question!!
1. why i using squid that can't limit upload 80.
2. if i want to use squid with transparent proxy (iptables) that how to modify this my iptables.(i don't want to configure with delay pool in squid.conf)

Thank you for every answer.