Kenneth Gonsalves lawgon@thenilgiris.com writes:
in a cybercafe setup i have a mandrake server connected to dsl and squid and dhcp. The other machines are a variety of windoze stuff. I would like the facillity of enabling/disabling internet access for specific machines from the server. If i give each windoze machine a specific ip address, this can be done. But the user can always change the ip address in windoze. Any suggestions on how to do it?
You can check for the ipaddress - mac address combination using iptables on you GNU/Linux gateway. Dont permit any ip-mac combination which looks like the user has changed the ip.
You can allow/disallow internet (HTTP) connection using squid.conf. however, a better approach would be to use NAT., you can redirect HTTP traffic to squid by running squid as a transparent proxy. This way., your clients would be able to access other protocols such as IRC/SSH/* .. The control is still there.