Some years ago I'm using SME server and I really like.
I used Dansguardian to control business users navigating the Internet with success, however a while over here there are certain "smart" users that take advantage of free navigation IP´s to configure their computer and thus be able to skip the Dansguardian. I noticed it because my IP sometimes is used, creating an obvious conflict in the network.
Here is the solution:
1) Create a directory /etc/squid/lists/
mkdir /etc/squid/lists/ 2) Create a text file in that directory called bannedmaclist and placed there in the MAC address of customers who wish to block. With this format 01:02:45:F5:E1:67. A MAC Address per line. I use mcedit.
3) Create the directory /etc/e-smith/templates-custom/etc/squid
mkdir-p /etc/e-smith/templates-custom/etc/squid 4) Copy the squid.conf file located in /etc/squid in the directory you just created.
cp /etc/squid/squid.conf /etc/e-smith/templates-custom /etc/squid 5) Create a new block list adding the line:
acl macblock arp "/etc/squid/lists/bannedmaclist" 6) Modify the line that gives access to the service navigation:
http_access allow localsrc is changed to
http_access allow localsrc !macblock 7) Expand the configuration file
expand-template /etc /squid/squid.conf 
Restart the squid service.
service squid restart. If a "smart" wants to give them a fox, then lock it and leave the mac punished without Internet until I want. I think it works in any version of SME server that has enabled arp lists, with
squid-v you can see if it was compiled with --enable-arp-acl.
I hope they serve.
Best Regards.
Eng. Daniel J. M. Loayza
PD: Excuse my English, is not so good.
0 Replies
929 Views