Weblogs for arisnb
#1
Posted by arisnb on Wed 27 May 2009 at 10:33
If we used squid, and each one of the computers client's was restricted for access was based on the configuration in squid. However had a person who was naughty that is by replacing MAC Address or IP Address in order to be able to access the internet through it. There was a method in the style of the tukang nggame , that possibly could become the solution. Despite still had the gap at least could be useful moreover if the client was still lay about the security of the network. Get found it easy.
Make a file exp fixip.sh
It's contents (exp)
#!/bin/bash /usr/sbin/arp -s 192.168.1.67 00:14:76:1D:F1:11 /usr/sbin/arp -s 192.168.1.68 00:15:F5:74:B1:51 /usr/sbin/arp -s 192.168.1.69 00:16:46:F2:B1:F1Change permision file
#cmod +x fixip.shRunning that file
#./fixip.shNow, Edit file /etc/squid/squid.conf. This is example for IP and MAC above.
acl foo67 src 192.168.1.67/255.255.255.255 acl foo67_mac arp 00:14:76:1D:F1:11 acl foo68 src 192.168.1.68/255.255.255.255 acl foo68_mac arp 00:15:F5:74:B1:51 acl foo69 src 192.168.1.69/255.255.255.255 acl foo69_mac arp 00:16:46:F2:B1:F1 http_access allow foo67 foo67_mac http_access allow foo68 foo68_mac http_access allow foo69 foo69_mac http_reply_access allow foo67 foo67_mac http_reply_access allow foo68 foo68_mac http_reply_access allow foo69 foo69_macThen restart squid.
#/etc/init.d/squid force-reload