I have iptables running with Squid set up as transparent. My DHCP server gives out 10.0.1.x and Squid is set to bandwidth limit users on that scope. I have MAC addresses of my servers specified in my DHCP config so that they get 10.0.0.x addresses. Squid is set to NOT limit bandwidth at all for the 10.0.0.x scope. The problem is a user on the network could manually set their IP address to a 10.0.0.x address. Is there some way to have Squid check a list of allowed MAC addresses if a connection comes from 10.0.0.x and deny it if it's not in the allow list?
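
One way to express the check asked about above, using Squid's `arp` ACL type, shown beside the IP-only rule it replaces. This is an added example and not part of the original post; the /24 masks, MAC addresses, ACL names and delay pool figures are constructed assumptions.

```conf
# Added example: all addresses, MACs and ACL names are constructed placeholders.
# Assumes a Squid build with ARP/EUI ACL support and clients on the same
# layer-2 segment as the Squid host (MACs are not visible across a router).

# --- Weak: exemption keyed on source IP alone ---
# acl servers src 10.0.0.0/24
# delay_access 1 deny servers      # any host that sets a 10.0.0.x address is unthrottled

# --- Hardened: 10.0.0.x must also match a known server MAC ---
acl server_net src 10.0.0.0/24
acl user_net   src 10.0.1.0/24
acl server_mac arp 00:16:3e:00:00:01
acl server_mac arp 00:16:3e:00:00:02

# Refuse 10.0.0.x traffic whose MAC is not on the allow list
http_access deny  server_net !server_mac
http_access allow server_net server_mac
http_access allow user_net
http_access deny  all

# Pool 1 throttles per client; only MAC-verified servers are exempt
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 64000/64000
delay_access 1 deny  server_net server_mac
delay_access 1 allow user_net
delay_access 1 deny  all
```

A MAC address can also be set by hand, so this narrows the bypass to hosts that know a listed server MAC rather than authenticating them. Denied requests from 10.0.0.x in `access.log` are the signal that a client is using an address from the server scope.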
