[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-admin
Subject: Re: squid acls
From: "Adrian C." <drupix () gmail ! com>
Date: 2005-04-21 7:19:49
Message-ID: 42675415.5050604 () gmail ! com
[Download RAW message or body]
I think it's best for you to use INPUT chain for such filtering. Just
match port number for squid.
--Adrian.
Luca Ferrari wrote:
>On Wednesday 20 April 2005 21:25 Richard Nairn's cat walking on the keyboard
>wrote:
>
>
>
>>Hi Luca
>>
>>It can be done. The FAQ says so...
>>
>>The access control has the "arp" keyword. According the FAQ you have to
>>have compiled squid with the --enable-arp-acl switch to enable this.
>>
>>I think you would use it such:
>>
>>acl USERARP arp arp1 arp2
>>acl USERSRC src src1 src2
>>http_access allow USERARP USERSRC
>>
>>Since ACL entries are or'd and ACCESS is AND'd.
>>
>>
>>
>
>I already do this, but this implies that a valid ip and mac in the two acls
>can connect, while I need to check if a couple ip and mac (not any
>combination of them) can connect.
>
>Luca
>
>
>
-
To unsubscribe from this list: send the line "unsubscribe linux-admin" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic