Hi,
I would like to know if it's possible to have this feature in a future release. Basically dropping all existing TCP/UDP connections as soon as time-of-day Firewall>Restriction becomes enforcing for the particular IPs. Thanks
Drop existing TCP/UDP when time-of-day restriction activates
Moderator: Moderators
Re: Drop existing TCP/UDP when time-of-day restriction activ
Make a firewall script and execute it with cron.
Re: Drop existing TCP/UDP when time-of-day restriction activ
Appreciate your suggestion, powerlogy. But how do you implement it on a WNDR3700 v1 router running Gagoyle v1.5.10?
Re: Drop existing TCP/UDP when time-of-day restriction activ
in /etc/config/firewall, add this line end of the file
create a new file at /etc/firewall.custom , add any value at first line and save.
create a new file at /etc/init.d/firewall.custom , add this lines
and make a cron jon about it at /etc/crontabs/root
execute at 22:00, everyday and drop connections.
execute at 09:00, allow all connections
i didn't tested it yet.I made some fixes.
Code: Select all
config include
option path '/etc/firewall.custom'
Code: Select all
example
Code: Select all
#!/bin/sh /etc/rc.common
# Copyright (C) 2008-2010 OpenWrt.org
START=45
restart() {
echo 'iptables --flush' > /etc/firewall.custom
echo 'iptables -P INPUT DROP' >> /etc/firewall.custom
echo 'iptables -P FORWARD DROP' >>> /etc/firewall.custom
echo 'iptables -P OUTPUT DROP' >>>> /etc/firewall.custom
/etc/init.d/firewall reload
}
stop() {
echo '' > /etc/firewall.custom
echo '' >> /etc/firewall.custom
/etc/init.d/firewall reload
}
execute at 22:00, everyday and drop connections.
Code: Select all
0 22 * * * /etc/init.d/firewall.custom restart
Code: Select all
0 9 * * * /etc/init.d/firewall.custom stop
Re: Drop existing TCP/UDP when time-of-day restriction activ
powerlogy, it might do the trick but looks like it drops all the connections instead of those from certain PCs being time restricted. However, I get the idea. Thanks.