why cant you just filter the mac addresses with iptables? Jason
On Wed, Sep 06, 2006 at 04:27:14PM -0400, Brian Henning wrote: > The reason I don't want to use IP-based rules is that our problem users > are probably resourceful enough to try resetting their IPs. > > But yeah, I was already on that track; glad to have some encouraging > suggestions. :-) > > Thanks! > ~B > > Stephen Roller wrote: > >On Wed, 2006-09-06 at 15:37 -0400, Brian Henning wrote: > >>I need to selectively block access to web sites based on MAC address of > >>the browsing computer. It needs to be essentially transparent to > >>everyone except the computers of the users with whom we have issues > >>(fortunately $boss is not to the "$coworker has ruined it for everyone" > >>stage, and is just saying "block $coworker's access"). In other words, > >>I need "MAC addr xx:xx:xx:xx:xx:xx is only allowed to access this list > >>of sites." > > > >Squid (http://www.squid-cache.org/) can do that. > >http://www.visolve.com/squid/squid24s1/access_controls.php > >search for "MAC address" in this page. Of course, the proxy has to be > >on the same subnet. > > > >It might be easier to do it based on IP address. If you add a static > >entry to your DHCP table (Mac addr xx:xx:xx:xx:xx:xx always gets IP > >yyy.yyy.yyy.yyy). But you don't have to if you don't want to. Like I > >said, it can do MAC addresses just fine. > > > > -- > ---------------- > Brian A. Henning > strutmasters.com > 336.597.2397x238 > ---------------- > -- > TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug > TriLUG Organizational FAQ : http://trilug.org/faq/ > TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ -- ================================================ | Jason Welsh [EMAIL PROTECTED] | | http://monsterjam.org DSS PGP: 0x5E30CC98 | | gpg key: http://monsterjam.org/gpg/ | ================================================ -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
