Try mo to: acl port8080 port 8080 acl port22 port 22 acl yourMAC arp 11:12:13:14:15:16 acl otherMACs arp "/etc/squid/othermac.txt"
http_access allow yourMAC port22 http_access allow yourMAC port8080 http_access allow otherMACs http_access deny all haven't tried this yet though :) hth. 'jopoy Marvin Pascual said: > On Tue, 2003-03-18 at 16:06, Ian C. Sison wrote: >> >> MAC addresses? or IP addresses. I don't think squid can do ACLs based >> on MAC addresses. > > Yes, it's possible. You only need to rebuild a src.rpm and enable > arp-acl on it. > >> Yes you can do that. Use the filter table and the INPUT rule. > > Yeah, it would be possible but afaik it needs to manually set IPTables > rules for each MAC addresses in the squid.conf's ACL. But I don't want > to do this because we have hundreds of users in Metro Manila area > alone. I want something that will: > > [1] DROP ALL first > [2] ACCEPT my workstation for TCP port 22 and 8080 only > [3] ACCEPT all MAC addresses that are in my squid.conf's ACL for TCP > port 8080 only > > Is there any solution for this problem? > > Thanks in advance. > > Marvin > > _ > Philippine Linux Users Group. Web site and archives at > http://plug.linux.org.ph To leave: send "unsubscribe" in the body to > [EMAIL PROTECTED] > > Fully Searchable Archives With Friendly Web Interface at > http://marc.free.net.ph > > To subscribe to the Linux Newbies' List: send "subscribe" in the body to > [EMAIL PROTECTED] Jopoy C. Solano Systems Administrator University of Baguio General Luna Road Baguio City Philippines 2600 P: +63 74 4423540 F: +63 74 4423071 http://www.ubaguio.edu _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
