Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: d_loayza on April 07, 2010, 02:49:47 AM
-
Some years ago I'm using SME server and I really like.
I used Dansguardian to control business users navigating the Internet with success, however a while over here there are certain "smart" users that take advantage of free navigation IP´s to configure their computer and thus be able to skip the Dansguardian. I noticed it because my IP sometimes is used, creating an obvious conflict in the network. :-)
Here is the solution:
1) Create a directory /etc/squid/lists/
mkdir /etc/squid/lists/
2) Create a text file in that directory called bannedmaclist and placed there in the MAC address of customers who wish to block. With this format 01:02:45:F5:E1:67. A MAC Address per line. I use mcedit.
3) Create the directory /etc/e-smith/templates-custom/etc/squid
mkdir-p /etc/e-smith/templates-custom/etc/squid
4) Copy the squid.conf file located in /etc/squid in the directory you just created.
cp /etc/squid/squid.conf /etc/e-smith/templates-custom /etc/squid
5) Create a new block list adding the line:
acl macblock arp "/etc/squid/lists/bannedmaclist"
6) Modify the line that gives access to the service navigation:
http_access allow localsrc is changed to http_access allow localsrc !macblock
7) Expand the configuration file
expand-template /etc /squid/squid.conf
8) Restart the squid service.
service squid restart.
If a "smart" wants to give them a fox, then lock it and leave the mac punished without Internet until I want. I think it works in any version of SME server that has enabled arp lists, with squid-v you can see if it was compiled with --enable-arp-acl.
I hope they serve.
Best Regards.
Eng. Daniel J. M. Loayza
PD: Excuse my English, is not so good.