Dear Jeff Did u try arp acl. ?
Regards Babar Kazmi >I have iptables running with squid set up as transparent. My DHCP server gives >out 10.0.1.x and squid is set to bandwidth limit users on that scope. I have >mac addresses of my servers specified in my dhcp config so that they get >10.0.0.x addresses. Squid is set to NOT limit bandwidth at all for the >10.0.0.x scope. The problem is a user on the network could manually set their >IP address to a 10.0.0.x address. Is there some way to have squid check a list >of allowed mac addresses if a connection comes from 10.0.0.x and deny it if >it's not in the allow list? >
