On 9/24/05, Kiraly Zoltan <[EMAIL PROTECTED]> wrote: > I want to build a home network using OpenBSD as gateway. A child in > network have a computer, and like to surf the Internet. I want to drop > her Internet connection at night (11:00AM) because the child don't go to > sleep. > > I don't want to unplug the network cable, i need to do this job with > OpenBSD. > > Exist a proxy server or solution which limit the Internet connection > using time? An example: Drop internet connection at 11:AM night and > allow Internet at 6:00 AM morning. >
If your kids just want to view websites and anonymous ftp sites then the easiest way is to install squid cache proxy from packages. in /etc/squid/squid.conf you will have the option to give time based ACLs. no need of cron, pfctl, multiple pf.confs etc. After you install squid from packages it displays you a few lines that you should put in your /etc/rc.local to start squid at boot time. and edit /etc/squid/squid.conf and use the time acl with http_access to restrict access at differrent times. -------------------- acl aclname time [day-abbrevs] [h1:m1-h2:m2] # day-abbrevs: # S - Sunday # M - Monday # T - Tuesday # W - Wednesday # H - Thursday # F - Friday # A - Saturday # h1:m1 must be less than h2:m2 # TAG: http_access # Allowing or Denying access based on defined access lists # # Access to the HTTP port: # http_access allow|deny [!]aclname ... # # NOTE on default values: # # If there are no "access" lines present, the default is to deny # the request. # # If none of the "access" lines cause a match, the default is the # opposite of the last line in the list. If the last line was # deny, the default is allow. Conversely, if the last line # is allow, the default will be deny. For these reasons, it is a # good idea to have an "deny all" or "allow all" entry at the end # of your access lists to avoid potential confusion. # #Default: # http_access deny all # #Recommended minimum configuration: # # Only allow cachemgr access from localhost http_access allow manager localhost http_access deny manager # Deny requests to unknown ports http_access deny !Safe_ports # Deny CONNECT to other than SSL ports http_access deny CONNECT !SSL_ports # ------------------------------------------------------------------------------------- Just read the squid.conf file it is self explanatory :-) hope this helps Kind Regards Siju
