[squid-users] Use arp and time acls to control access
tarotapprentice at yahoo.com
Tue May 10 12:53:15 UTC 2016
I'm trying to restrict internet access of certain devices to certain times of the day. My config looks like:
acl devicename1 arp aa:bb:cc:dd:ee:ffacl devicename2 arp aa:bb:cc:ff:ee:ddacl usertime time MTWHF 06:30-08:00acl usertime time MTWHF 18:00-22:30
http_access allow devicename1 usertimehttp_access allow devicename2 usertimehttp_access deny devicename
I'm using squid 3.5.17 (the latest in Debian Stretch). The client devices are using the proxy in explicit mode.
devicename1 and devicename2 currently are getting dynamic IP's but I can set the router up to give a static IPv4 address and use that instead of the mac address.
>From reading the docs it seems arp (the mac address) isn't available if they use IPv6. Also if they're using an https site it isn't going to work unless I start peeking. Is there a better way of restricting the access to the allowed times for both http and https traffic?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the squid-users