Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
W
W
wmsin2015-11-26 10:52:45
Network administration
wmsin, 2015-11-26 10:52:45

Disable internet on OpenWRT schedule?

The crux of the matter is that there is such a scheme for connecting a computer to the Internet
8190cbba8d17435fa3b12300a5f316f4.jpg
, you need to block access to the Internet at the address
192.168.

iptables -A INPUT -s 192.168.1.52 -m time --localtz --timestart 08:00:00 --timestop 11:00:00 -j DROP

the rule appears in the status table, but the Internet is not blocked, did tcpdump - I see requests from the address, what could I have done wrong ???
How to block the internet???
UPD: OpenWrt can only be installed on an access point ...
UPD +: to correctly indicate the time, I write the --localtz key, OpenWrt Attitude Adjustment version 12.09-rc1

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
M
Max, 2015-11-26
@MaxDukov

about! there is time without seconds!
and there time in UTC - mind you

Report
W
wmsin, 2015-11-26
@wmsin

Is the time in OpenWrt set to Moscow (+3 hours), or do you still need to add it ??
indicated without seconds - there is little
point even if you do not specify the time, the traffic does not block
, maybe some modules need to be installed, now it is only iptables-mod-ipopt to use -m time

Report
R
RTFM13, 2016-11-01
@RTFM13

The -A INPUT option adds a rule to the end of a chain of existing rules. If ACCEPT has already been applied to this type of traffic in this chain, then the traffic is not processed further and does not reach your rule.
In addition, transit traffic is processed in the FORWARD chain, and in the INPUT chain, only traffic addressed directly to the router itself.
Apparently, instead of "-A INPUT" you need to write "-I FORWARD 1".
This will most likely work, but it's not correct. the OpenWRT firewall has its own rule chain structure. You can see it if you go to the console and write iptables -t filter -L -n -v
The chain you are interested in is probably called forwarding_lan_rule. I recommend reading the documentation on iptables and studying the structure of the openwrt firewall. Well, or try to configure the desired rule through the web interface (not the fact that this is possible).

Similar questions
G
Grigory Zhdanov2014-10-21 19:34:24
How to make OpenWrt work with 3G modem? 1Reply
U
Urukhayy2014-10-22 16:24:30
Why is there no maildir folder? 0Reply
O
OSMacWin2014-10-23 12:49:28
How to set up video broadcast? 1Reply
D
Dmitry Treiserov2019-03-21 09:54:03
Why do I see a bunch of other networks outside my factory, moreover my country? 6Reply
K
keypax2014-10-24 10:14:16
Which router is suitable for sharing access to two networks: Internet and local? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question