On Friday 25 July 2003 10:54 am, adrian.wells wrote: > Have you tried using ARP? You will need to recompile Squid to do this. It's > a little less likely that your users will be able to bypass this method of > using adapter addresses, we find it very effective in a school. > > Kind regards > Adrian > ----- Original Message ----- > From: Frank Chibesakunda <[EMAIL PROTECTED]> > To: <Squid Forum> <[EMAIL PROTECTED]> > Sent: Friday, July 25, 2003 9:58 AM > Subject: Re: [squid-users]ACLS > > > hello, > > > > I have implemented ACL's to restrict some users from browsing at > > specified times....guess what some users are changing their IP addresses > > and browse... > > > Is they way squid can handle this?
Another way might be to use netfilter / iptables rules on the squid machine to tie MAC addresses to IP addresses and reject packets which don't have the right combination...? Possibly even redirect such packets to a server which says "now put the IP address back and stop trying to bypass the system" :) ? Antony. -- Programming is a Dark Art, and it will always be. The programmer is fighting against the two most destructive forces in the universe: entropy and human stupidity. They're not things you can always overcome with a "methodology" or on a schedule. - Damian Conway, Perl God
