Re: [squid-users]ACLS

On Friday 25 July 2003 10:54 am, adrian.wells wrote:

> Have you tried using ARP? You will need to recompile Squid to do this. It's
> a little less likely that your users will be able to bypass this method of
> using adapter addresses, we find it very effective in a school.
>
> Kind regards
> Adrian
> ----- Original Message -----
> From: Frank Chibesakunda <fchibesakunda@zesco.co.zm>
> To: <Squid Forum> <squid-users@squid-cache.org>
> Sent: Friday, July 25, 2003 9:58 AM
> Subject: Re: [squid-users]ACLS
>
> > hello,
> >
> > I have implemented ACL's to restrict some users from browsing at
> > specified times....guess what some users are changing their IP addresses
> > and browse...
>
> > Is they way squid can handle this?

Another way might be to use netfilter / iptables rules on the squid machine
to tie MAC addresses to IP addresses and reject packets which don't have the
right combination...?

Possibly even redirect such packets to a server which says "now put the IP
address back and stop trying to bypass the system" :) ?
 

Antony.

-- 
Programming is a Dark Art, and it will always be. The programmer is
fighting against the two most destructive forces in the universe:
entropy and human stupidity. They're not things you can always
overcome with a "methodology" or on a schedule.
 - Damian Conway, Perl God