On Mon, 8 Dec 2003, Viorel Serbu wrote: > acl lanaccess arp 00:20:E0:6F:FF:8D 00:50:FC:B4:22:68 00:06:4F:05:28:AD > http_access allow lanaccess > > just before the existing - http_access deny all > > I restarted the squid but nothing happens. Everybody can access the internet > (through proxy) like before, no matter its MAC.
Then you have some other http_access line before this which allows access.. if you did not then nobody should have had access before the change as your "existing" rule says that nobody is allowed access. You do know that ARP acl's is no more secure than IP acls do you? And that Squid must be compiled with --enable-arp-acl in order to have this acl type available? Regards Henrik
