Improve company productivity with a Business Account.Sign Up

x
?
Solved

Iptables & Squid Rules - Workstations with Dynamic Ip Address

Posted on 2006-10-30
2
Medium Priority
?
399 Views
Last Modified: 2008-03-17
Hi Experts...

One of my networks has a Windows 2003 server thats acts as a DHCP to the local network, and i administer a Linux BOX (Debian) with iptables and Squid. The internet access is restricted based on individual policies acording with the CEO.

My questions:

In Iptables and in Squid is possible to apply rules using only the MAC ADDRESS or the Machine Name ?

Any help will be very apreciate...

Regard´s

Tullio

0
Comment
Question by:tullioc
2 Comments
 
LVL 4

Accepted Solution

by:
NorCal2612 earned 2000 total points
ID: 17839686
This is a decent article explaining how to create iptables rules that filter based on MAC addresses:

http://jaredquinn.info/it-related/technical/2006.02.05/iptables-mac-filter/

And here is an example for squid:

(1) To allow http_access for only one machine with MAC Address 00:08:c7:9f:34:41

To use MAC address in ACL rules. Configure with option -enable-arp-acl.

acl all src 0.0.0.0/0.0.0.0
acl pl800_arp arp 00:08:c7:9f:34:41
http_access allow pl800_arp
http_access deny all

Hope this helps.
0
 

Author Comment

by:tullioc
ID: 17915681
NorCal2612

Perfect, thanks a lot....
0

Featured Post

Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
In this video I will demonstrate how to set up Nine, which I now consider the best alternative email app to Touchdown.
Watch the video to know the simple way to remove or recover or reset lost or forgotten passwords of Outlook PST file. With Kernel Outlook Password Recovery tool such operation is very easy to perform. It is a freeware with limitation to use with 500…

595 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question