Rich Wales wrote: > I'm currently using Shorewall 3.4.1 to manage a firewall for my LAN at > home. It works very well, and I'm definitely pleased, but . . . . > > I now have a situation where I need to enforce access restrictions on > a specific computer during specific times of day -- e.g., a particular > computer might have no Internet access at all between 10 PM and 6 AM. > > Is there any way to do such a thing using Shorewall? If not, can anyone > suggest another tool I could try using on my firewall to do this? > > I know I could use something like SquidGuard to limit web browsing from > specific systems during specific time ranges, but I need to limit other > forms of access too (e.g., IM chatting). >
Run cron jobs that do this at 10 PM:
shorewall reject <ip address>
and do this at 6 AM
shorewall allow <ip address>
You'll want BLACKLISTNEWONLY=No in shorewall.conf
Other people do this with two shorewall configurations, one for day and one
for night. Then, at 10PM:
shorewall restart /etc/shorewall.night
And at 6AM
shorewall restart /etc/shorewall.day
The .day and .night directories only need to contain the config files that
are different between day and night (probably just the rules file).
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ [EMAIL PROTECTED]
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
