On Friday 25 July 2003 10:54 am, adrian.wells wrote:
> Have you tried using ARP? You will need to recompile Squid to do this. It's
> a little less likely that your users will be able to bypass this method of
> using adapter addresses, we find it very effective in a school.
>
> Kind regards
> Adrian
> ----- Original Message -----
> From: Frank Chibesakunda <fchibesakunda@zesco.co.zm>
> To: <Squid Forum> <squid-users@squid-cache.org>
> Sent: Friday, July 25, 2003 9:58 AM
> Subject: Re: [squid-users]ACLS
>
> > hello,
> >
> > I have implemented ACL's to restrict some users from browsing at
> > specified times....guess what some users are changing their IP addresses
> > and browse...
>
> > Is they way squid can handle this?
Another way might be to use netfilter / iptables rules on the squid machine
to tie MAC addresses to IP addresses and reject packets which don't have the
right combination...?
Possibly even redirect such packets to a server which says "now put the IP
address back and stop trying to bypass the system" :) ?
Antony.
-- Programming is a Dark Art, and it will always be. The programmer is fighting against the two most destructive forces in the universe: entropy and human stupidity. They're not things you can always overcome with a "methodology" or on a schedule. - Damian Conway, Perl GodReceived on Fri Jul 25 2003 - 04:21:00 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:16 MST