Luca Ferrari wrote:

> I've got a network of mine with a quite standard and simple configuration: a
> linux firewall with iptables and squid as web proxy. Now I'm fighting against
> p2p, and using the ipt_p2p and ipt_ipp2p modules I blocked p2p, until my
> users started using the proxy as a way to use p2p. My proxy has a simple rule
> mechanism, that denies access selecting source ips and mac address at the same
> time, but since a few users (like the boss) are unlocked, a few users started
> changing their ip/mac address in order to get unconditioned access. Now the
> question, as you can see, is: how can I block them? I found that using the
> browser rule in squid I can block p2p http headers, but other programs like
> microsoft money or antivirus update (avg) cannot work any more. Has anyone done
> this before? Any suggestion to definitively block this?

Either:

a) require users to connect to the proxy via a VPN which requires
authentication, or

b) use intelligent switches which allow you to lock ports to a
specific MAC address.

Option b) requires buying new hardware, but it is transparent to the
user.

> Could dhcp solve the problem, locking a mac to a specific ip and
> thus denying the ip/mac changes?

Not if users can change their MAC addresses.

-- 
Glynn Clements <glynn@xxxxxxxxxxxxxxxxxx>
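
An added example, not part of the original thread: a software audit that approximates what the port locking in option b) enforces, flagging an unrestricted MAC that shows up on a switch port other than the one it is cabled to. The inventory, the `port=… mac=… ip=…` observation format and all addresses are constructed assumptions (documentation ranges), standing in for periodic dumps of a managed switch's forwarding table.

```python
import re
from collections import defaultdict

# Constructed inventory: MAC of each unrestricted host -> switch port it is cabled to.
ASSIGNED_PORT = {"00:00:5e:00:53:01": 3}  # e.g. the boss's workstation

# Constructed observations in a hypothetical format (time, switch port, MAC, IP).
SAMPLE = """\
09:00 port=3 mac=00:00:5e:00:53:01 ip=192.0.2.10
09:00 port=7 mac=00:00:5e:00:53:22 ip=192.0.2.57
09:40 port=7 mac=00:00:5e:00:53:01 ip=192.0.2.10
09:41 port=3 mac=00:00:5e:00:53:01 ip=192.0.2.10
"""

LINE = re.compile(r"(\S+) port=(\d+) mac=([0-9a-f:]{17}) ip=\S+", re.I)


def audit(text, assigned=ASSIGNED_PORT):
    """Return a list of (time, port, mac, reason) findings."""
    findings = []
    macs_on_port = defaultdict(set)  # port -> every MAC seen there so far
    for raw in text.splitlines():
        m = LINE.fullmatch(raw.strip())
        if not m:
            continue  # skip anything that is not an observation line
        when, port, mac = m.group(1), int(m.group(2)), m.group(3).lower()
        # The IP and MAC match the allow rule, but the physical port does not:
        # someone else is presenting an unrestricted host's addresses.
        if mac in assigned and assigned[mac] != port:
            findings.append((when, port, mac, "unrestricted MAC on wrong port"))
        # A port that presents a new MAC means the attached host changed its
        # address (or a hub / second device was plugged in).
        seen = macs_on_port[port]
        if seen and mac not in seen:
            findings.append((when, port, mac, "MAC changed on port"))
        seen.add(mac)
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding)
```

The 09:40 observation matches the proxy's IP/MAC allow rule exactly, which is why the address-based ACL and a DHCP reservation cannot tell it apart from the real host; only the switch port differs.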