You are not logged in.
- Topics: Active | Unanswered
#1 2012-06-08 09:42:09
- bmentink
- Member
- From: New Zealand
- Registered: 2009-08-23
- Posts: 442
Shorewall timed reject rules [SOLVED]
Hi All,
I am wanting to limit my daughters access to facebook to certain times of the day. I have managed to achieve this for
one time slot in the day by doing the following rule:
REJECT loc:192.168.0.30 net:69.171.224.0/19,69.63.176.0/20,66.220.144.0/20 - - - - - - - -timestart=20:30×top=20:00&localtz
This works fine to limit access except from 8pm till 8:30pm
However, I would like to add another time slot in a different part of the day ... can I just add some more "timestart" "timestop" entries? If so, please provide an example
Cheers,
Bernie.
Last edited by bmentink (2012-06-11 04:50:34)
Offline
#2 2012-06-08 17:10:30
- geekinthesticks
- Member
- From: England
- Registered: 2011-09-21
- Posts: 143
- Website
Re: Shorewall timed reject rules [SOLVED]
Not answering your question directly:) However, have you considered setting up squid as a transparent proxy? It's great for this sort of thing.
Offline
#3 2012-06-08 21:03:03
- bmentink
- Member
- From: New Zealand
- Registered: 2009-08-23
- Posts: 442
Re: Shorewall timed reject rules [SOLVED]
Not answering your question directly:) However, have you considered setting up squid as a transparent proxy? It's great for this sort of thing.
Hi, yes considered squid ... however I could not see how to set up timed access in squid .... after having a quick look at the docs ..
Offline
#4 2012-06-09 07:20:14
- geekinthesticks
- Member
- From: England
- Registered: 2011-09-21
- Posts: 143
- Website
Re: Shorewall timed reject rules [SOLVED]
Here's an extract from my squid.conf
# BBC iPlayer
acl iplayer url_regex .bbc.co.uk/iplayer
acl john src 192.168.0.40
acl video_hours time D 20:30-23:00
http_access deny john iplayer !video_hours
http_access allow localhost
http_access allow my_networks
# And finally deny all other access to this proxy
http_access deny allWhat it does is only allow access for john to iPlayer between 20:30-23:00.
Offline
#5 2012-06-09 08:01:40
- bmentink
- Member
- From: New Zealand
- Registered: 2009-08-23
- Posts: 442
Re: Shorewall timed reject rules [SOLVED]
Hey, thanks for that .. will try it out ..
Oh, by the way .. the "time" in that rule, is that localtime UTC etc
and how would I set two periods of time that access was allowed, i.e in:
>acl video_hours time D 20:30-23:00
can you enter more than one time period?
EDIT: I tried the above, and it denied access to facebook fine, but did not open access at 8:30 local time anyway ..
Last edited by bmentink (2012-06-10 02:40:20)
Offline
#6 2012-06-11 04:50:18
- bmentink
- Member
- From: New Zealand
- Registered: 2009-08-23
- Posts: 442
Re: Shorewall timed reject rules [SOLVED]
Found my issue was the "D" in the line: acl video_hours time D 20:30-23:00
The "D" is an optional "Day" field, it should be other characters if this rule applies to some days only, removed it and all is fine ...
Marking solved.
Offline