On Mon, 8 Dec 2003, Viorel Serbu wrote:
> acl lanaccess arp 00:20:E0:6F:FF:8D 00:50:FC:B4:22:68 00:06:4F:05:28:AD
> http_access allow lanaccess
>
> just before the existing - http_access deny all
>
> I restarted the squid but nothing happens. Everybody can access the internet
> (through proxy) like before, no matter its MAC.
Then you have some other http_access line before this which allows
access.. if you did not then nobody should have had access before the
change as your "existing" rule says that nobody is allowed access.
You do know that ARP acl's is no more secure than IP acls do you?
And that Squid must be compiled with --enable-arp-acl in order to have
this acl type available?
Regards
Henrik
Received on Mon Dec 08 2003 - 10:26:44 MST
This archive was generated by hypermail pre-2.1.9 : Thu Jan 01 2004 - 12:00:07 MST