[TriLUG] MAC-based web blocking
Stephen Roller
scroller at ncsu.edu
Wed Sep 6 16:24:11 EDT 2006
On Wed, 2006-09-06 at 15:37 -0400, Brian Henning wrote:
> I need to selectively block access to web sites based on MAC address of
> the browsing computer. It needs to be essentially transparent to
> everyone except the computers of the users with whom we have issues
> (fortunately $boss is not to the "$coworker has ruined it for everyone"
> stage, and is just saying "block $coworker's access"). In other words,
> I need "MAC addr xx:xx:xx:xx:xx:xx is only allowed to access this list
> of sites."
Squid (http://www.squid-cache.org/) can do that.
http://www.visolve.com/squid/squid24s1/access_controls.php
search for "MAC address" in this page. Of course, the proxy has to be
on the same subnet.
It might be easier to do it based on IP address. If you add a static
entry to your DHCP table (Mac addr xx:xx:xx:xx:xx:xx always gets IP
yyy.yyy.yyy.yyy). But you don't have to if you don't want to. Like I
said, it can do MAC addresses just fine.
More information about the TriLUG
mailing list