Apache with MAC based access control

tdbabar · 01-29-2012, 07:27 PM

Hi,

I have a Apache server on internet and want to force the access control to limited clients only. The clients do not have fixed IPs so I want to use the client MAC address based access control.
Can someone let me know which open source tools can help to setup this?

TB0ne · 01-29-2012, 09:38 PM

Quote:

Originally Posted by tdbabar

Hi,
I have a Apache server on internet and want to force the access control to limited clients only. The clients do not have fixed IPs so I want to use the client MAC address based access control. Can someone let me know which open source tools can help to setup this?

Squid can do it.
http://wiki.squid-cache.org/SquidFaq...her_than_IP.3F

IPFW can do it as well
http://yplakosh.blogspot.com/2008/12...ic-by-mac.html

tdbabar · 01-30-2012, 08:21 AM

I think Squid is not the option that could work for us, as I guess it would need the proxy config settings at client level.

Could you please give some more details about IPFW? I do not see IPFW for RHEL/CentOS Linux.

TB0ne · 01-30-2012, 10:51 AM

Quote:

Originally Posted by tdbabar

I think Squid is not the option that could work for us, as I guess it would need the proxy config settings at client level.

Not necessarily. You can set up Squid to be transparent, and use IPtables to forward all port 80 traffic incoming to that box through Squid, at which point the ACL's will take effect. A bit roundabout, though.

Quote:

Could you please give some more details about IPFW? I do not see IPFW for RHEL/CentOS Linux.

My apologies...the rules I gave in that second link apply, but use iptables instead of ipfw. The rest of the command should be the same.