LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 06-15-2005, 11:20 AM   #1
exalted
LQ Newbie
 
Registered: Nov 2003
Location: Modesto, CA
Posts: 11

Rep: Reputation: 0
setting time limit on internet


I'm not sure if this is the best place to post this but . . .
How would one set a limit on internet access based on time. Say the internet was only available from 9am until 11am and then 1pm until 3pm. It's summer time, and I want to make sure my kids aren't on the computer nonstop while I'm at work. Any help appreciated.
 
Old 06-15-2005, 02:28 PM   #2
rose_bud4201
Member
 
Registered: Aug 2002
Location: St Louis, MO
Distribution: Xubuntu, RHEL, Solaris 10
Posts: 927

Rep: Reputation: 30
I think there's probably some commercially available system lockdown software available that will do this, but the only thing I can think of is perhaps some sort of cron job which will check to see what time it is, and if it's not between 9am-11am && it's not between 1pm-3pm && your network interface is up, bring it down (ifconfig eth0 down). Set up the job to run sufficiently frequently, and it will prevent any internet access whatsoever (and
if they figure out how to bring it up, it'll just go down again).
Another option would be to limit your browser to just one choice, say firefox (uninstall any others), and write a wrapper script which won't run the browser unless it's between the specified hours. You could make it display some sort of error message if it's not.
(I say firefox because it runs via a script rather than a binary, so you could p'bly edit it to do whatever you'd like). The problem with this is it will disallow browser access, but not IM, IRC, etc.

Dunno...just some ideas
 
Old 06-15-2005, 03:48 PM   #3
rose_bud4201
Member
 
Registered: Aug 2002
Location: St Louis, MO
Distribution: Xubuntu, RHEL, Solaris 10
Posts: 927

Rep: Reputation: 30
Sorry, I'm truly bored at work today...

This'll do the trick too, if it's started as root (it's got to be run as root, actually. Users don't get access to ifconfig and dhcpcd). Plus, if it's run as root, users can't kill -9 it :-)

Code:
#!/bin/bash


while(true); do
    nineAM=`date +%s --date="09:00"`
    elevenAM=`date +%s --date="11:00"`
    onePM=`date +%s --date="13:00"`
    threePM=`date +%s --date="15:00"`

    now=`date +%s`

    if [[ ($now -gt $nineAM && $now -lt $elevenAM) || ($now -gt $onePM && $now -lt $threePM) ]]; then
        status=`ifconfig | grep eth0`
        if [ -z "$status" ]; then
            ifconfig eth0 up
            #restart dhcpcd too...I always have to do this
            dhcpcd -k
            dhcpcd
        fi
    else
        status=`ifconfig | grep eth0`
        if [ -z $status ]; then
            #nothing
        else
            echo "eth0 is going down..."
            ifconfig eth0 down
        fi
    fi

    # wait 5 minutes before checking again
    sleep 300;
done
 
Old 06-15-2005, 05:02 PM   #4
Imanerd
Member
 
Registered: Dec 2004
Location: Bay Area, California
Distribution: Fedora Core 3
Posts: 65

Rep: Reputation: 15
My cheapo D-link router does exactly what you're looking for, but I wish I could do it through my firewall instead. I have mine set so that the kids' IP addresses are blocked from internet access and AIM when they're supposed to be sleeping.
 
Old 06-17-2005, 06:01 PM   #5
jayakrishnan
Member
 
Registered: Feb 2002
Location: India
Distribution: Slacky 12.1, XP
Posts: 991

Rep: Reputation: 30
I think SQUID proxy might help here
 
Old 06-18-2005, 01:16 PM   #6
exalted
LQ Newbie
 
Registered: Nov 2003
Location: Modesto, CA
Posts: 11

Original Poster
Rep: Reputation: 0
Talking

Quote:
Originally posted by rose_bud4201
Sorry, I'm truly bored at work today...

This'll do the trick too, if it's started as root (it's got to be run as root, actually. Users don't get access to ifconfig and dhcpcd). Plus, if it's run as root, users can't kill -9 it :-)
I know how that is! Thanks a lot! I'll give this a try on Monday and see how grumpy my kids are when I get home
 
Old 07-06-2005, 05:19 PM   #7
nickbunyan
LQ Newbie
 
Registered: Jul 2005
Location: UK
Distribution: Suse
Posts: 2

Rep: Reputation: 0
Use the ipchains bit if you have home network...

I have the same problem with two sons who want to surf instead of sleep - and I split the problem with them into two parts.

I spent a few bucks (around 25 I think) on a proprietary Windoze site filter. There are several to choose from and I think even one or two freeware ones these days... becasue this means I can be reasonably sure they are not going where they shouldn't and then the easy part is to use Ipchains on the linux gateway to do the time-clock part.

Simply configure 2 or 3 different ipchains files with different rulesets which allow some, none or all the machines (your choice) to access the internet via your linux gateway on the cable. then use good old cron to switch over from one file to another at appropriate times.

E.g.

Ruleset one
Dads Machine
Mums Machine
Big Son Machine
Small Son Machine

Ruleset two
Dads Machine
Mums Machine
Big Son Machine

Ruleset three
Dads machine
Mums Machine


At 2000 hrs when small son should be getting ready for bed, cron switches from ruleset one to ruleset two, then at 2130 when Big son should be getting ready for bed, cron runs ipchains with ruleset three and then only mum and dad can surf the net...

The main reason I went this route is that I coldn't find a freeware linux based content filter that was 'up-to-date'. Most of the paid-for Windoze ones include regular updates with the fee so the 'banned lists' keep getting updated.

I have assumed that you have more than one machine on the home network so they might want to use the network but not surf the net...?

Hope this helps and if you need help with the ipchains config ping me here.

nickbunyan
 
Old 07-07-2005, 03:53 AM   #8
Kahless
Member
 
Registered: Jul 2003
Location: Pennsylvainia
Distribution: Slackware / Debian / *Ubuntu / Opensuse / Solaris uname: Brian Cooney
Posts: 503

Rep: Reputation: 30
if you want to completley deny acess to the machine, not just the internet, google logoutd.

I used it on my "little sister" and took care of her surfing/not sleeping habits over night


its a little on the brute side thou, it just kinly logs you off when your supposed to log off.... doesnt save your work, ect, but heck, her work was chatting with friends, and she quickley learned to watch the clock close to 11 and say goodby
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Bootloader Time Limit KissDaFeetOfSean Linux - Newbie 3 06-16-2005 12:54 AM
Is it possible in Linux to limit internet uses time ikillu Linux - Networking 4 06-01-2005 08:31 AM
Limit internet access for certain hosts during certain time i16978 Linux - Newbie 2 05-05-2005 01:19 AM
Setting the computer clock according to a time server on the internet didi86 Linux - Software 11 10-05-2004 09:52 AM
time limit for select jhon Linux - Networking 1 09-08-2004 10:03 AM


All times are GMT -5. The time now is 02:37 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration