Martin.Pichlmaier@xxxxxxxxxxxxxxxxxxxxxxxxxxx wrote:
Hi Dayo,
you have to recompile squid for this with the additional configure option
'--enable-arp-acl'.
There are some other constraints, read through the documention (for
example the config file).
<snip from config file version 3.0.STABLE15>
# acl aclname arp mac-address ... (xx:xx:xx:xx:xx:xx notation)
# # The arp ACL requires the special configure option
--enable-arp-acl.
# # Furthermore, the ARP ACL code is not portable to all operating
systems.
# # It works on Linux, Solaris, Windows, FreeBSD, and some other
*BSD variants.
# #
# # NOTE: Squid can only determine the MAC address for clients
that are on
# # the same subnet. If the client is on a different subnet, then
Squid cannot
# # find out its MAC address.
</snip>
Best regards,
Martin
Dayo Adewunmi <contactdayo@xxxxxxxxx>
24.06.2009 11:52
Bitte antworten an
contactdayo@xxxxxxxxx
An
squid-users@xxxxxxxxxxxxxxx
Kopie
Thema
Banning MAC addresses in squid3
Hi all,
I'm trying to block MAC address with this ACL:
acl banned_MAC arp 00:1a:73:ff:fa:9a
http_access deny banned_MAC
...and restarting squid3 gives me this error:
2009/06/24 10:34:52| Reconfiguring Squid Cache (version 3.0.STABLE1)...
2009/06/24 10:34:52| FD 12 Closing HTTP connection
2009/06/24 10:34:52| FD 15 Closing ICP connection
2009/06/24 10:34:52| aclParseAclLine: Invalid ACL type 'arp'
Is there something else that needs to be included for 'arp' to become a
valid ACL type?
Best regards
Dayo
You also have to use at minimum 3.0.STABLE15.
There are still open ident bugs, but there were several that caused
ident to be fully non-functional right up to that release.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE16
Current Beta Squid 3.1.0.8
