Hello,
On Tuesday 19 February 2002 09:31, Felipe Cerqueira wrote: > Hello all, > I have a question about the TIME PATCH for iptables. > This patch allow rules that just have effect in a certain period of time, > we have to give some arguments timestart, timestop and day of week. > My question is: > I need to build a rule where i just pass 2 arguments: timestart and > timestop, i.e. , day of week is ignored. This rule has a valid period > which is determined by timestart and timestop, i.e, the rule desappear > after this period. Well, you can make that day of the week is ignored by simply specifying _all_ the day of the weeks in the same line, then this part of the test will always return true, and only the time part will be taken into account for the match decision. However, the rule will never be deleted, rather than that, it will stop matching that's all. > Is it possible construct this rule by any alteration of code? > Anybody already try to do this? I doubt it's possible for me to modify the code so that the rule auto-delete itself. First I don't know enough the data structure in which the rules are contained in kernel-space, and second, from what I can recall from the netfilter developper workshop talk (might be wrong though), it's not using chained-list, and therefore would be more than tricky for the rule to auto-delete itself. Probably, a couple of words from a member of a core team member would be nice to clarify/backup ... Have a nice day, Fabrice. -- Fabrice MARIE Senior R&D Engineer Celestix Networks http://www.celestix.com/ "Silly hacker, root is for administrators" -Unknown
