----- Original Message ----- From: "Babar Kazmi" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Saturday, April 24, 2004 3:38 PM Subject: RE: [squid-users] bandwidth limiting with mac crosscheck
> Dear Jeff > > Did u try arp acl. ? > > Regards > > Babar Kazmi > > > > >I have iptables running with squid set up as transparent. My DHCP server > gives > >out 10.0.1.x and squid is set to bandwidth limit users on that scope. I > have > >mac addresses of my servers specified in my dhcp config so that they get > >10.0.0.x addresses. Squid is set to NOT limit bandwidth at all for the > >10.0.0.x scope. The problem is a user on the network could manually set > their > >IP address to a 10.0.0.x address. Is there some way to have squid check a > list > >of allowed mac addresses if a connection comes from 10.0.0.x and deny it if > >it's not in the allow list? > > You would be better off doing IP/MAC crosscheck using iptables. You will get better performance than doing ACL's in squid. KRV
