Dear all
After long search i got how to block pc's using mac address in squid
i done whole process mention below but still no luck my squid not blocking the pc's still allow to access internet
in whole process everything done without any error if restart proxy there is also no any error bu my acl is not working my config is here
acl lan src 192.168.30.0/255.255.255.0
acl macaddress arp 00:0C:29:35:B4:04
acl blockfiles urlpath_regex "/etc/squid/blockext.acl"
acl blockwebsites dstdomain "/etc/squid/blocksites.acl"
http_access deny macaddress
http_access deny blockwebsites
http_access deny blockfiles
http_access allow lan
&
process is here to enable mac arp in squid
1. Download
ftp://ftp.redhat.com/pub/redhat/linu...n/os/SRPMS/squ...
load it with
2. rpm -ivh squid-2.6.STABLE6-5.el5_1.3.src.rpm
then
3. updatedb
4. vim /usr/src/redhat/SPECS/squid.spec
5. add two line as below at %configure section see last two lines.
%configure \
** --exec_prefix=/usr \
** --bindir=%{_sbindir} \
** --libexecdir=%{_libdir}/squid \
** --localstatedir=/var \
** --datadir=%{_datadir} \
** --sysconfdir=/etc/squid \
** --enable-epoll \
** --enable-snmp \
** --enable-removal-policies="heap,lru" \
** --enable-storeio="aufs,coss,diskd,null,ufs" \
** --enable-ssl \
** --with-openssl=/usr/kerberos \
** --enable-delay-pools \
** --enable-linux-netfilter \
** --with-pthreads \
** --enable-ntlm-auth-helpers="SMB,fakeauth" \
** --enable-external-acl-helpers="ip_user,ldap_group,unix_group,wbinfo_group" \
** --enable-auth="basic,digest,ntlm" \
** --enable-digest-auth-helpers="password" \
** --with-winbind-auth-challenge \
** --enable-useragent-log \
** --enable-referer-log \
** --disable-dependency-tracking \
** --enable-cachemgr-hostname=localhost \
** --enable-underscores \
** --enable-basic-auth-helpers="LDAP,MSNT,NCSA,PAM,SMB,YP,getpwnam,multi-domain-NTLM,SASL" \
** --enable-cache-digests \
** --enable-ident-lookups \
** %ifnarch ppc64 ia64 x86_64 s390x
** --with-large-files \
** %endif
** --enable-follow-x-forwarded-for \
** --enable-wccpv2 \
** --enable-fd-config \
** --with-maxfd=16384 \
** --enable-arp \****** <==========added line 1
** --enable-arp-acl \** <==========added line 2*********
6. rpmbuild -ba /usr/src/redhat/SPECS/squid.spec
7. Wait some time let it compile have cup of coffee
then load the rpm
rpm -ivh /usr/src/redhat/RPMS/i386/squid-2.6.STABLE6-5.3.i386.rpm
8. Then edit /etc/squid/squid.conf
*
#----the sample code-----
acl our_networks src 192.168.0.0/24
acl aclmac arp* 00:08:A1:95:71
4
http_access deny aclmac
http_access allow our_network
i need help why if everything is ok then it is not blocking the pc's
thanks in advanced