Re: Limiting internet access by time
On Fri, Aug 05, 2016 at 03:49:28PM +0000, Mark Fletcher wrote:
> On Fri, Aug 5, 2016 at 11:04 PM Brian <ad44@cityscape.co.uk> wrote:
>
> I didn't mention earlier, and I'm not sure if it is relevant, but the
> computer connects via WiFi to my access point, which is also my network's
> internet gateway -- with an LFS box between it and the cable modem as a
> dedicated firewall. I don't trust the non-free firewall in the AP, although
> I have left it on. The rest of my network is not to be subject to this 9pm
> curfew. And I would ideally like connectivity between this machine and the
> rest of my local network to remain even when the internet is denied to this
> machine, so I can do remote maintenance when he's not using the machine,
> for example.
I have a new suggestion, based on this.
Do all the filtering on your LFS box.
Match your kid's machine by MAC address.
Write two tiny scripts:
#!/bin/sh
iptables -D FORWARD -m mac --mac-source 58:63:1a:af:71:72 -j DROP
#!/bin/sh
iptables -I FORWARD -m mac --mac-source 58:63:1a:af:71:72 -j DROP
(substituting in the appropriate MAC address for the machine, of
course)
and run the first one at 9 PM to disable internet access, and
run the second one at 8 AM or whatever to re-enable it. Cron is
your friend.
-dsr-
Reply to: