Re: [squid-users] MAC Authenication

From: Marc Elsen <marc.elsen@dont-contact.us>
Date: Mon, 20 Jan 2003 11:00:43 +0100

Louis Lau wrote:
>
> Hi all,
>
> This is quite urgent as we need to deploy the proxy server quickly, I =
> wonder if any user from the squid community can help me with this.
>
> I want to implement ACL authenication system in squid 2.3. however i =
> want to use the MAC address instead of user/password. Are there ACL =
> function for MAC made handy for 2.3? could i use the ip_user helper =
> function in 2.5 to implement this? thanks in advance

  Configure seems to have this option :

 --enable-arp-acl Enable use of ARP ACL lists (ether address)

 Probably what you need.

>...instead of user/password...

 Only an opinion , but I advise for user/password : basically any high
level
 network application will be better off with high level authentication
 schemes.
 Your idea conflicts somewhat with the tcp/ip networking model.

 Lower level parts of the network stack should not be involved
 for solving higher level problems.

 An example : at our site , some people use vmware, already meaning
 that a pc which runs a virtual machine, is on the network
 with more then one hw address (!). This already poses a kind of
 a problem in your scheme, let alone that we invent some of these
 addresses ourselves.
 Luckily the users can not do this...

 M.

>
> cheers
>
> Louis Lau

-- 
 'Time is a consequence of Matter thus
 General Relativity is a direct consequence of QM
 (M.E. Mar 2002)
Received on Mon Jan 20 2003 - 03:00:45 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:43 MST