I think it's best for you to use INPUT chain for such filtering. Just
match port number for squid.
--Adrian.
Luca Ferrari wrote:
On Wednesday 20 April 2005 21:25 Richard Nairn's cat walking on the keyboard
wrote:
Hi Luca
It can be done. The FAQ says so...
The access control has the "arp" keyword. According the FAQ you have to
have compiled squid with the --enable-arp-acl switch to enable this.
I think you would use it such:
acl USERARP arp arp1 arp2
acl USERSRC src src1 src2
http_access allow USERARP USERSRC
Since ACL entries are or'd and ACCESS is AND'd.
I already do this, but this implies that a valid ip and mac in the two acls
can connect, while I need to check if a couple ip and mac (not any
combination of them) can connect.
Luca
-
: send the line "unsubscribe linux-admin" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
