Dear Sir, i cant find any "OT: A Dansguardian package" in packages section, do i need to configure it manually?
On Wed, May 4, 2011 at 2:16 PM, Benjamin Fromme < [email protected]> wrote: > OT: A Dansguardian package would be so nice! > > Am Mittwoch, den 04.05.2011, 13:49 +0530 schrieb Shali K.R.: > > Dear Sir, > > > > > > Thank you very much for your detailed reply... > > > > On Wed, May 4, 2011 at 11:05 AM, Adam Thompson <[email protected]> > > wrote: > > This is a frequently asked question both here and elsewhere, > > including squid-specific forums. > > > > The question arises from an imperfect understanding of IP > > networking. One of the cornerstones of IP is the decoupling > > of data-link and network layers. There is no inherent > > requirement in IP to even have a MAC address - that is a > > peculiarity of Ethernet (and several other network types). > > The ARP protocol exists to *prevent* administrators from > > needing to know MAC addresses! > > > > Any method for tying squid ACLs to MAC addresses relies on > > several unjustifiable assumptions. One, that MAC addresses > > are fixed, unique identifiers. They are not - it is trivial > > to change MAC addresses. And two, that the squid server can > > know the client's MAC address. This is only valid in the case > > of a single, unrouted Ethernet LAN. As soon as an IP packet > > crosses a router, you lose the MAC data. There are several > > scenarios where using a wireless network will produce > > untrustable MAC addresses. > > > > Lastly, this concept attempts to directly couple the top and > > bottom layers of the OSI model. The layers of the OSI model > > exist precisely so that the Data Link layer is fully > > independent from the Session layer. > > > > The best solution is generally considered to be the use of > > proxy authentication, which ties rules to individual users - > > this is usually the goal anyway! > > > > -Adam > > > > > > > > "Shali K.R." <[email protected]> wrote: > > > > >Dear all, > > > > > >I have a doubt , i am using pfsense with squid and squidguard > > and my > > >different privilege configurations are based on ip address in > > squidguard but > > >some of my users chaning their ips and getting unauthorized > > access. is there > > >any method to trace the mac ids ??? > > >-- > > >Thanks & Regards > > > > > >Shali K R > > >Server Administrator > > >Vidya Academy of Science & Technology > > >Thrissur,Kerala. > > >Mob:9846303531 > > > > > > > > > > -- > > Thanks & Regards > > > > Shali K R > > Server Administrator > > Vidya Academy of Science & Technology > > Thrissur,Kerala. > > Mob:9846303531 > > > > > > -- > Benjamin > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > Commercial support available - https://portal.pfsense.org > > -- Thanks & Regards Shali K R Server Administrator Vidya Academy of Science & Technology Thrissur,Kerala. Mob:9846303531
