LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 06-03-2009, 03:36 AM   #1
ramamalempati
LQ Newbie
 
Registered: Jun 2009
Posts: 3

Rep: Reputation: 0
binding of IP address to its mac address in squid proxy


I want to know how to bind Ip addresses to its mac addresses in Squid Proxy Please
 
Old 06-03-2009, 08:07 PM   #2
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 118Reputation: 118
Squid is not a DHCP server -- in what way do you want IP and mac addresses bound?
 
Old 06-04-2009, 02:51 AM   #3
mamtasahai1
Member
 
Registered: Jan 2007
Location: India
Distribution: RHEL 5, Fedora 9, Solaris, FreeBSD
Posts: 52

Rep: Reputation: 15
You can try this...

1. edit your squid.conf. Add these acl..
acl mac1 arp 00:14:85:99:3B:8D
acl ip1 arp 192.168.0.1

2. Add this before "http_access deny all"
http_access allow mac1 ip1

using this way you bind mac with one IP address that user can’t change his machine address to bypass squid filters.
 
Old 06-04-2009, 06:29 AM   #4
ramamalempati
LQ Newbie
 
Registered: Jun 2009
Posts: 3

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by Matir View Post
Squid is not a DHCP server -- in what way do you want IP and mac addresses bound?
Dear Sir!
Good Evening!
I have one Linux (Red Hat) based Proxy Server with two NIC cards one is of Public and the other is of Private For Ex:10.35.9.3 and 218.x.x.x . In our LAN (10.35.9.0),some users are provided with Full Internet and some with rstricted sites.Some users are wantedly misusing the Internet by using the IPs(Having Internet) and moreover in my Lan All IPs are statically assigned.If I bind the mac addresses to the IP addresses,I can restrict the users na.So in this regard I need help.if It's possible please help me

With regards
Ramamalempati
 
Old 06-04-2009, 07:17 AM   #5
ramamalempati
LQ Newbie
 
Registered: Jun 2009
Posts: 3

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by mamtasahai1 View Post
You can try this...

1. edit your squid.conf. Add these acl..
acl mac1 arp 00:14:85:99:3B:8D
acl ip1 arp 192.168.0.1

2. Add this before "http_access deny all"
http_access allow mac1 ip1

using this way you bind mac with one IP address that user canít change his machine address to bypass squid filters.
Dear Sir!
Good Evening!
I tried in the manner whatever U told.but I am unable to get the result.I am sending the edition.U please C and tell me if any corrections needed


acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl bsnl dstdomain .bsnl.co.in .bsnl.in
acl local_lan src "/etc/squid/acl/full_ip"
acl ltd_ip src "/etc/squid/acl/ltd_ip"
acl newltd_ip src "/etc/squid/acl/newltd_ip"
acl local_lan2 src "/etc/squid/acl/dgmds_ip"
acl full_ip35 src "/etc/squid/acl/full_ip35"
acl allowed_sites url_regex "/etc/squid/acl/alwd_sites"
acl corp_sites url_regex "/etc/squid/acl/corp_site"
acl mac1 arp 00-15-F2-4D-92-72
acl ip1 arp 10.35.1.28
acl password proxy_auth REQUIRED




http_access allow manager localhost
http_access deny manager
#http_access allow password lan
http_access allow password bsnl ltd_ip
http_access allow password local_lan
http_access allow password local_lan2
http_access allow password ltd_ip allowed_sites
http_access allow password newltd_ip corp_sites
http_access allow password full_ip35
http_access allow mac1 ip1

With regards
Ramamalempati
 
Old 06-05-2009, 02:51 AM   #6
mamtasahai1
Member
 
Registered: Jan 2007
Location: India
Distribution: RHEL 5, Fedora 9, Solaris, FreeBSD
Posts: 52

Rep: Reputation: 15
Sorry
Correct this
acl ip1 src 10.35.1.28

The arp ACL requires the special configure option
--enable-arp-acl.


So you have to install squid with this option.

NOTE: Squid can only determine the MAC address for clients that are on the same subnet. If the client is on a different subnet, then Squid cannot find out its MAC address.

Last edited by mamtasahai1; 06-05-2009 at 02:52 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
MAC with IP binding in squid Proxy saas Linux - Newbie 4 01-02-2009 10:57 AM
Single DHCP server ,to provide the ip address to a MAC address in two different subne alix123 Linux - Software 5 05-08-2007 11:16 PM
denying computer thur mac address squid slack66 Slackware 0 11-22-2006 07:56 AM
Restriction using MAC address (squid) SuSE AQG Linux - Security 35 08-31-2006 10:13 AM
how to get ip address, broadcast address, mac address of a machine sumeshstar Programming 2 03-12-2005 04:33 AM


All times are GMT -5. The time now is 03:34 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration