Quote:
Originally posted by FiveFlat
I have a Linux server that dials out to the internet. My Netgear router acts as a secondary firewall and my DHCP server (and a switch). Me, my wife and my son each have a separate computer that gets its IP address from the router.
I suppose I can go and specify IP addresses for each computer and create a "nite-time" rc.firewall file, but I was hoping to be able to specify dates and times each user is allowed IP forwarding (kind of like you can do with Active Directory on a Windows server).
I think netfilter's time extension is the best solution. As Capt_Caveman said, it's not included by default and has to be applied with patch-o-matic (or by hand), followed by recompiling the kernel. After that, a rule like the one below would help you:
iptables -I FORWARD -s XXX.XXX.XXX.XXX \
-m time --timestart 21:00 --timestop 23:00 --days Sun,Mon,Tue,Wed,Thu,Fri,Sat -j REJECT
But note this: when you insert a rule to be valid between 21:00 and 08:00, iptables will just allow the traffic NOT in 21-8. I don't know why, but it doesn't understand that we want to say 21 to 8 in the morning. Maybe this could be patched.
You can also apply rules like these on your child's computer. I hope (s)he doesn't know iptables :-)
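
Added example, not part of the original posts: one way to express a blocked window that crosses midnight, such as the 21:00 to 08:00 case mentioned in the reply, is to split it into two rules at 00:00. The sketch below only prints the iptables commands, using the same time-match options as the rule quoted above; the function names and the 192.168.0.10 address are constructed for illustration.

```shell
#!/bin/sh
# Added example: print the iptables time-match rule(s) for one blocked window.
# Nothing is applied; review the printed commands, then run them as root.

DAYS="Sun,Mon,Tue,Wed,Thu,Fri,Sat"

# to_minutes HH:MM -> minutes since midnight.
# Leading zeros are stripped so "08" is not parsed as an invalid octal number.
to_minutes() {
    h=${1%%:*}; m=${1##*:}
    h=${h#0}; m=${m#0}
    echo $(( ${h:-0} * 60 + ${m:-0} ))
}

# emit_rule SRC START STOP -> one REJECT rule for the FORWARD chain.
emit_rule() {
    echo "iptables -I FORWARD -s $1 -m time --timestart $2 --timestop $3 --days $DAYS -j REJECT"
}

# block_window SRC START STOP
# Same-day window: one rule. Window crossing midnight: two rules split at 00:00.
block_window() {
    src=$1; start=$2; stop=$3
    s=$(to_minutes "$start"); e=$(to_minutes "$stop")
    if [ "$s" -lt "$e" ]; then
        emit_rule "$src" "$start" "$stop"
    elif [ "$s" -gt "$e" ]; then
        emit_rule "$src" "$start" "23:59"
        # No morning half is needed when the window ends exactly at midnight.
        [ "$e" -eq 0 ] || emit_rule "$src" "00:00" "$stop"
    else
        echo "block_window: start and stop are equal" >&2
        return 1
    fi
}

# Constructed sample: block one LAN host from 21:00 until 08:00 the next morning.
block_window 192.168.0.10 21:00 08:00
```
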