Hi guys!
As far as I see the MAC-address based ACL is not really based on MAC address.
- Squid checks the IP address of the HTTP request.
- Looks up the ARP table, and searches for the allowed MAC address.
- If the IP has got an ARP entry with the allowed MAC address it will
let it through.
This is a problem in my case, since there is a firewall in transparent
mode between the users workstations and the squid.
I would need to allow connections only from the firewall. I couldn't
do it IP based, since the firewall is set to keep the source IP of the
workstations.
But the source MAC is changed by the firewall, however i am not able
to filter for it, because of the previously mentioned reasons.
Best regards,
Attila
Received on Mon Aug 19 2013 - 19:06:48 MDT
This archive was generated by hypermail 2.2.0 : Tue Aug 20 2013 - 12:00:05 MDT