LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-26-2010, 12:14 AM   #1
gpiw
LQ Newbie
 
Registered: Mar 2010
Posts: 2

Rep: Reputation: 0
Block Mac Address on squid


Hello all,
Any one have any idea how to block PC in Squid using Mac Address.
I tried as in /etc/squid/squid. conf

acl block arp 00:13:45:d3: 24:e4
https_access deny block

but it give me error as like: - (This is the output of # squid -k parse)
aclParseAclLine: Invalid ACL type 'arp'
FATAL: Bungled squid.conf line 1234: acl block arp 00:13:45:d3: 24:e4
squid Cache (Version 2.5.STABLE6) : Terminated abnormally
 
Old 05-26-2010, 02:33 AM   #2
vikas027
Senior Member
 
Registered: May 2007
Location: Sydney
Distribution: RHEL, CentOS, Debian, OS X
Posts: 1,298

Rep: Reputation: 102Reputation: 102
Quote:
Originally Posted by gpiw View Post
Hello all,
Any one have any idea how to block PC in Squid using Mac Address.
I tried as in /etc/squid/squid. conf

acl block arp 00:13:45:d3: 24:e4
https_access deny block

but it give me error as like: - (This is the output of # squid -k parse)
aclParseAclLine: Invalid ACL type 'arp'
FATAL: Bungled squid.conf line 1234: acl block arp 00:13:45:d3: 24:e4
squid Cache (Version 2.5.STABLE6) : Terminated abnormally
I think there is a space in MAC address after d3. Try removing the space and try.
 
Old 06-03-2011, 12:32 AM   #3
h.haider
LQ Newbie
 
Registered: Apr 2011
Location: Pakistan
Distribution: Centos, Fedora, Redhat, ubuntu, debian
Posts: 18

Rep: Reputation: 0
Quote:
Originally Posted by gpiw View Post
Hello all,
Any one have any idea how to block PC in Squid using Mac Address.
I tried as in /etc/squid/squid. conf

acl block arp 00:13:45:d3: 24:e4
https_access deny block

but it give me error as like: - (This is the output of # squid -k parse)
aclParseAclLine: Invalid ACL type 'arp'
FATAL: Bungled squid.conf line 1234: acl block arp 00:13:45:d3: 24:e4
squid Cache (Version 2.5.STABLE6) : Terminated abnormally
Hi Dear Follow This Link

Here is Video Tutorial Available on How to block mac address on squid

Block Mac Address In Squid
 
Old 06-03-2011, 07:29 AM   #4
sachin151080
LQ Newbie
 
Registered: Nov 2009
Posts: 12

Rep: Reputation: 0
Question My squid not blocking the mac addresses

Dear all

After long search i got how to block pc's using mac address in squid
i done whole process mention below but still no luck my squid not blocking the pc's still allow to access internet
in whole process everything done without any error if restart proxy there is also no any error bu my acl is not working my config is here

acl lan src 192.168.30.0/255.255.255.0
acl macaddress arp 00:0C:29:35:B4:04
acl blockfiles urlpath_regex "/etc/squid/blockext.acl"
acl blockwebsites dstdomain "/etc/squid/blocksites.acl"

http_access deny macaddress
http_access deny blockwebsites
http_access deny blockfiles
http_access allow lan


&

process is here to enable mac arp in squid

1. Download ftp://ftp.redhat.com/pub/redhat/linu...n/os/SRPMS/squ...
load it with
2. rpm -ivh squid-2.6.STABLE6-5.el5_1.3.src.rpm
then
3. updatedb
4. vim /usr/src/redhat/SPECS/squid.spec
5. add two line as below at %configure section see last two lines.
%configure \
** --exec_prefix=/usr \
** --bindir=%{_sbindir} \
** --libexecdir=%{_libdir}/squid \
** --localstatedir=/var \
** --datadir=%{_datadir} \
** --sysconfdir=/etc/squid \
** --enable-epoll \
** --enable-snmp \
** --enable-removal-policies="heap,lru" \
** --enable-storeio="aufs,coss,diskd,null,ufs" \
** --enable-ssl \
** --with-openssl=/usr/kerberos \
** --enable-delay-pools \
** --enable-linux-netfilter \
** --with-pthreads \
** --enable-ntlm-auth-helpers="SMB,fakeauth" \
** --enable-external-acl-helpers="ip_user,ldap_group,unix_group,wbinfo_group" \
** --enable-auth="basic,digest,ntlm" \
** --enable-digest-auth-helpers="password" \
** --with-winbind-auth-challenge \
** --enable-useragent-log \
** --enable-referer-log \
** --disable-dependency-tracking \
** --enable-cachemgr-hostname=localhost \
** --enable-underscores \
** --enable-basic-auth-helpers="LDAP,MSNT,NCSA,PAM,SMB,YP,getpwnam,multi-domain-NTLM,SASL" \
** --enable-cache-digests \
** --enable-ident-lookups \
** %ifnarch ppc64 ia64 x86_64 s390x
** --with-large-files \
** %endif
** --enable-follow-x-forwarded-for \
** --enable-wccpv2 \
** --enable-fd-config \
** --with-maxfd=16384 \
** --enable-arp \****** <==========added line 1
** --enable-arp-acl \** <==========added line 2*********
6. rpmbuild -ba /usr/src/redhat/SPECS/squid.spec
7. Wait some time let it compile have cup of coffee
then load the rpm
rpm -ivh /usr/src/redhat/RPMS/i386/squid-2.6.STABLE6-5.3.i386.rpm
8. Then edit /etc/squid/squid.conf
*
#----the sample code-----
acl our_networks src 192.168.0.0/24
acl aclmac arp* 00:08:A1:95:714
http_access deny aclmac
http_access allow our_network


i need help why if everything is ok then it is not blocking the pc's

thanks in advanced
 
Old 06-03-2011, 10:43 AM   #5
vikas027
Senior Member
 
Registered: May 2007
Location: Sydney
Distribution: RHEL, CentOS, Debian, OS X
Posts: 1,298

Rep: Reputation: 102Reputation: 102
Quote:
Originally Posted by sachin151080 View Post
Dear all

After long search i got how to block pc's using mac address in squid
i done whole process mention below but still no luck my squid not blocking the pc's still allow to access internet
in whole process everything done without any error if restart proxy there is also no any error bu my acl is not working my config is here

acl lan src 192.168.30.0/255.255.255.0
acl macaddress arp 00:0C:29:35:B4:04
acl blockfiles urlpath_regex "/etc/squid/blockext.acl"
acl blockwebsites dstdomain "/etc/squid/blocksites.acl"

http_access deny macaddress
http_access deny blockwebsites
http_access deny blockfiles
http_access allow lan


&

process is here to enable mac arp in squid

1. Download ftp://ftp.redhat.com/pub/redhat/linu...n/os/SRPMS/squ...
load it with
2. rpm -ivh squid-2.6.STABLE6-5.el5_1.3.src.rpm
then
3. updatedb
4. vim /usr/src/redhat/SPECS/squid.spec
5. add two line as below at %configure section see last two lines.
%configure \
** --exec_prefix=/usr \
** --bindir=%{_sbindir} \
** --libexecdir=%{_libdir}/squid \
** --localstatedir=/var \
** --datadir=%{_datadir} \
** --sysconfdir=/etc/squid \
** --enable-epoll \
** --enable-snmp \
** --enable-removal-policies="heap,lru" \
** --enable-storeio="aufs,coss,diskd,null,ufs" \
** --enable-ssl \
** --with-openssl=/usr/kerberos \
** --enable-delay-pools \
** --enable-linux-netfilter \
** --with-pthreads \
** --enable-ntlm-auth-helpers="SMB,fakeauth" \
** --enable-external-acl-helpers="ip_user,ldap_group,unix_group,wbinfo_group" \
** --enable-auth="basic,digest,ntlm" \
** --enable-digest-auth-helpers="password" \
** --with-winbind-auth-challenge \
** --enable-useragent-log \
** --enable-referer-log \
** --disable-dependency-tracking \
** --enable-cachemgr-hostname=localhost \
** --enable-underscores \
** --enable-basic-auth-helpers="LDAP,MSNT,NCSA,PAM,SMB,YP,getpwnam,multi-domain-NTLM,SASL" \
** --enable-cache-digests \
** --enable-ident-lookups \
** %ifnarch ppc64 ia64 x86_64 s390x
** --with-large-files \
** %endif
** --enable-follow-x-forwarded-for \
** --enable-wccpv2 \
** --enable-fd-config \
** --with-maxfd=16384 \
** --enable-arp \****** <==========added line 1
** --enable-arp-acl \** <==========added line 2*********
6. rpmbuild -ba /usr/src/redhat/SPECS/squid.spec
7. Wait some time let it compile have cup of coffee
then load the rpm
rpm -ivh /usr/src/redhat/RPMS/i386/squid-2.6.STABLE6-5.3.i386.rpm
8. Then edit /etc/squid/squid.conf
*
#----the sample code-----
acl our_networks src 192.168.0.0/24
acl aclmac arp* 00:08:A1:95:714
http_access deny aclmac
http_access allow our_network


i need help why if everything is ok then it is not blocking the pc's

thanks in advanced

Did you tried this ?

Also, please paste your commands or output of files/commands in CODES, it makes post more readable.

Last edited by vikas027; 06-03-2011 at 10:45 AM.
 
0 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Bind IP address with MAC address in squid 3 ( Source baced) gulnawaz Linux - Server 3 01-14-2010 02:25 AM
binding of IP address to its mac address in squid proxy ramamalempati Linux - Server 5 06-05-2009 03:51 AM
can't block MAC Address using iptables Ameii83 Linux - Newbie 2 02-27-2007 07:31 AM
Block all users and allow certain Mac Address georgiozoze Linux - Networking 2 01-18-2007 05:31 AM
block mac address Ammad Linux - General 1 09-11-2005 02:00 PM


All times are GMT -5. The time now is 06:39 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration