[squid-users] re-directing through squid using MAC
Eliezer Croitoru
ngtech1ltd at gmail.com
Sat Jan 30 17:12:53 UTC 2021
Hey,
There are many solutions for these however it depends on couple things.
The first thing is the parental and kids/children/others cooperation.
Ie if the kids know and want to use the solution.
I believe that parenting starts based on understanding that there is a Threat out there.
Today it’s the same thing like fire and other hazards awareness.
If the kids/children/others in the house doesn’t believe that there is a threat it is the obligation of the parents and
the community to teach and educate them about the subject(To my believe A demo is always a last resort solution).
( I have seen many adults which doesn’t believe even after they have been hit..
Ie they have a virus on their PC or Mobile and they still believe that there is not issue.
Even after these are being given a demo of what is being leaked from their PC and Mobile they don’t care. )
Lately I have seen couple new WIFI solutions(The old doesn’t work anymore..) which offers some parental control
in the house bundled in the product that has a management and control app for the parents.
I don’t know if these can be compared to squid.
I can just say that IDS and AV with squid would require some kind of customization and I believe that it’s worth
to try some ready to use solutions as a part of the kids/children and adults education.
It’s like riding a bicycle, if you will try to create one yourself… it depends on your “blacksmith” or “iron man” skills.
To force the PC or the mobile would be different solution but they both require some application these days.
On your LAN it will also depend on the cooperation.
When you want to capture traffic on LAN it would probably be by the combination of MAC and IP.
These two are both tied to one another…
There are many devices these day who tries to dynamically assign mac address to avoid what you are trying to achieve.
To overcome this you are probably better use one of these below (or more..):
* 802x authentication for WIFI
* Redirect all traffic except the identified devices by their MAC+IP(FROM DHCP)
* HotSpot authentication
I have implemented the above solutions on both a Linux device and Mikrotik.
Currently I am using Mikrotik Router which does all of the above else then the filtering itself which I am using
an external service which does better tls/ssl inspection and categorizing then I can provide with Squid and a subscription.
(…No hard feelings with the Squid project)
All The Bests,
Eliezer
----
Eliezer Croitoru
Tech Support
Mobile: +972-5-28704261
Email: ngtech1ltd at gmail.com <mailto:ngtech1ltd at gmail.com>
Zoom: Coming soon
From: squid-users <squid-users-bounces at lists.squid-cache.org> On Behalf Of Wolfgang Paul Rauchholz
Sent: Saturday, January 30, 2021 9:19 AM
To: squid-users at lists.squid-cache.org
Subject: [squid-users] re-directing through squid using MAC
I got two questions actualy. I want to re-direct all traffic certain users (parental control...) through squid.
(1) What i the best possibility to do so independently of whether they are on the LAN or are outside home?
(2) If I only want to re-direct when they are on the LAN; can I do this by capturing the MAC address of their devices?
Thank you!
Wolfgang Rauchholz
+34 627 994 977
https://www.linkedin.com/in/wolfgangrauchholz/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20210130/48671026/attachment.htm>
More information about the squid-users
mailing list