Hello,
it should be possible using AND logic with ACLs in http_access rules.
Read Squid documentation for more information.
A sample might be:
acl myMAC mac 00:08:....
acl myIP src 10.x.x.x
acp myUSER proxy_auth username
...
...
http_access allow myMAC myIP myUSER
...
...
http_access deny all
and then creating a http_access record for each user allowed.
Regards,
Antonio Manfreda
Easynet srl c/o Reale Mutua Assicurazioni
Ufficio Architettura Tecnica
Area Security
antonio.manfreda@realemutua.it
Tel. 011-431-2791
Szemerédy Gábor
<gabor@rc-suboti Per: squid-users@squid-cache.org
ca.co.yu> Cc:
Oggetto: [squid-users] IP and MAC and login/password
05/02/2004 12.19
Hello!
Is there a solution to allow the internet connection for a certain user
only if:
the MAC address for the workstation matches and
the IP address for the workstation matches and
the login name and password are valid (coming from the same workstation)
?
We would like to allow the connection only if the login name and
password
are coming from the workstation with fixed MAC address and IP address.
We would like to prevent the access for the user who changed the IP
address
or MAC address ( to other values or pair of valid values ) using his
valid
username and password.
The reason is that we do traffic accounting based on the IP address
and would like to prevent users to use others account changing his
IP address to other users IP address.
Thanks!
Ai sensi della Legge 675/96 e successive modifiche/integrazioni si precisa
che le informazioni contenute nel presente messaggio, e negli eventuali
allegati, sono riservate e per uso esclusivo del destinatario. Pertanto č
vietata la copia, la diffusione e la rivelazione anche parziale dei dati in
esso contenuti alle persone non autorizzate dal medesimo. Chiunque lo
ricevesse per errore č pregato di restituirlo al mittente e di distruggere
il contenuto.
Received on Thu Feb 05 2004 - 05:26:42 MST
This archive was generated by hypermail pre-2.1.9 : Mon Mar 01 2004 - 12:00:02 MST