On Wed, 2003-03-19 at 10:11, fooler wrote: > > be sure that the final gateway before going on the net is the one > responsible dropping the packets... so its either your linux box or your > router
Yeah. > let the ip firewall handle this... since you are planning to drop all the > packets, be sure also to allow udp port 53 (dns) if it is applicable to your > needs Ok. > let squid's acl handle this... but take note, filtering thru mac address is > only good if the workstations are on the same subnet... you mentioned above > that there are hundreds of users in metro manila... i assume that those > users are on the different subnet... therefore, filtering thru mac address > is not applicable... you must filter this thru ip address plus added > security by using login authentication thru squid... We only have ONE subnet. Naka-RIP kami all over the Philippines (I think). Actually, useless na naman itong ginagawa ko dito. As usual, they insist to use their RedHat Linux 7.2 (INSTALL EVERYTHING W/OUT ANY UPDATES UNTIL NOW!) installation with Squid Proxy kasi gumagana pa naman daw eh at natatanggal naman daw ang virus sa mga workstations. Nakaka-inis talaga! =( Thank you very much. Marvin _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
