Showing results for 
Search instead for 
Did you mean: 

How to Block MAC address

Mohammed Shahidul Islam
Occasional Advisor

How to Block MAC address


I am using RedHat 4 and squid for proxy. I need to block MAC address as we block IP address. Please inform me how to block mac in squid server.

Thanks with regards
Ivan Ferreira
Honored Contributor

Re: How to Block MAC address

Squid must be compiled with mac address support (--enable-arp-acl). Check with squid -v.

If it's enabled, then you need to configure an acl like this:

acl aclname arp mac-address ... (xx:xx:xx:xx:xx:xx notation)

But I think that if you have dynamic IP configuration, then the preferred method is to use user based authentication.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Stuart Browne
Honored Contributor

Re: How to Block MAC address

Documentation is a wonderful thing..

This is from the 2.6 documentation:

acl aclname arp mac-address ... (xx:xx:xx:xx:xx:xx notation)

( )

The 2.5 configuration file doesn't list it as a viable option (and 2.5.STABLE14 is what comes with RHEL4), so not sure if it will work. Give it a spin, see what happens.

If that doesn't work, fall back to using IPTables to filter based on MAC address:

iptables -A INPUT -j REJECT -m mac --mac-source -p tcp --dport 80

or some such..
One long-haired git at your service...
Steven E. Protter
Exalted Contributor

Re: How to Block MAC address

Shalom Mohammed,

Note that its easy to clone and forge mac addresses. Its very common and a feature in the setup of many internet sharing devices like wireless hubs.

If you are trying to block access to a particular site or system by mac address, they can stop the block merely by changing network configuration or actual NIC cards.

The situation is a little more simple if you are blocking an internal user.

Steven E Protter
Owner of ISN Corporation