Îãðàíè÷åíèå äîñòóïà ê èíòåðíåòó ïî ðàñïèñàíèþ

Quote:

Originally Posted by MercuryV

TReX, çà÷åì æå òàê ñóðîâî ñîâåòîâàòü, à åñëè óæå áûë, ê ïðèìåðó, ôàéë post-mount ??? çàòðåòñÿ æå
äåëüíûì ñîâåòîì ÿâëÿåòñÿ ïåðâàÿ ñòðî÷êà

Code:

mkdir -p /usr/local/sbin/

âîçìîæíî ôàéë post-firewall íå ñîçäàëñÿ êàê ðàç èç-çà îòñóòñòâèÿ êàòàëîãà.

) è ãäå ëîãèêà? áûë ôàèë, íî íå áûëî êàòàëîãà â êîòîðîì îí ëåæèò?

Quote:

Originally Posted by TReX

) è ãäå ëîãèêà? áûë ôàèë, íî íå áûëî êàòàëîãà â êîòîðîì îí ëåæèò?

Ëîãèêà î÷åíü ïðîñòàÿ - àâòîð íå ñìîã èëè íå çàõîòåë ïðî÷èòàòü FAQ, à òàêæå ñîîáùåíèÿ îá îøèáêàõ øåëëà. Áîëåå òîãî, äîñòàòî÷íî ïîñìîòðåòü íà âûâîä iptables-save, ÷òîáû ïîíÿòü ÷òî ÝÒÎ íå ìîæåò áûòü shell-ñêðèïòîì...

Òâî¸ ïðåäëîæåíèå - íà÷àòü âñ¸ ñ íóëÿ, à MercuryV ïûòàåòñÿ(-ëñÿ) ïðîéòè ïî øàãàì.

Quote:

Originally Posted by lly

Ëîãèêà î÷åíü ïðîñòàÿ - àâòîð íå ñìîã èëè íå çàõîòåë ïðî÷èòàòü FAQ, à òàêæå ñîîáùåíèÿ îá îøèáêàõ øåëëà. Áîëåå òîãî, äîñòàòî÷íî ïîñìîòðåòü íà âûâîä iptables-save, ÷òîáû ïîíÿòü ÷òî ÝÒÎ íå ìîæåò áûòü shell-ñêðèïòîì...

Òâî¸ ïðåäëîæåíèå - íà÷àòü âñ¸ ñ íóëÿ, à MercuryV ïûòàåòñÿ(-ëñÿ) ïðîéòè ïî øàãàì.

Ïðîâåðèë íà äðóãîì ðîóòåðå â post-firewall âèñèò:

Code:

-A FORWARD -p tcp -m time --timestart 09:00:00 --timestop 13:00:00 --weekdays Mon,Tue,Wed,Thu,Fri -m webstr --url vk.com -j DROP -A FORWARD -p tcp -m time --timestart 14:00:00 --timestop 17:00:00 --weekdays Mon,Tue,Wed,Thu,Fri -m webstr --url vk.com -j DROP

íî íå îòðàáàòûâàåò, äîñòóï ïî ïðåæíåìó åñòü :/ ñîâñåì íå ïîõîæå, ÷òî Internet Firewall - URL Filter ÷åðåç post-firewall ðàáîòàåò :(

Quote:

Originally Posted by PTZ-M

íî íå îòðàáàòûâàåò

Â ïåðâîé ñòðîêå post-firewall åñòü óêàçàíèå, ÷òî ôàéë íóæíî èíòåðïðåòèðîâàòü?

http://www.linuxtime.org/media/linux...go_100x100.png

Code:

#!/bin/sh

1 Attachment(s)

Quote:

Originally Posted by MercuryV

Â ïåðâîé ñòðîêå post-firewall åñòü óêàçàíèå, ÷òî ôàéë íóæíî èíòåðïðåòèðîâàòü?

Code:

#!/bin/sh

Äåéñòâèòåëüíî îòñóòñòâîâàëî, íî òîëêó íå ïðèíåñëî...

Ïîïðîáîâàë ÷åðåç ìîðäó ñîçäàòü ïðàâèëî:

Attachment 9162

Â Status & Log - Diagnostic Information êàê ðàç åñòü ïîõîæàÿ ñòðî÷êà, â îòëè÷èè îò post-firewall:

Code:

IP Tables Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 80 3668 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID 2692 282K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED 53 22788 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW 899 120K ACCEPT all -- br0 * 0.0.0.0/0 0.0.0.0/0 ctstate NEW 6 192 ACCEPT 2 -- * * 0.0.0.0/0 224.0.0.0/4 0 0 ACCEPT udp -- * * 0.0.0.0/0 224.0.0.0/4 udp dpt:!1900 76 19558 SECURITY all -- vlan2 * 0.0.0.0/0 0.0.0.0/0 ctstate NEW 1 330 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68 0 0 BRUTE tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 flags:0x17/0x02 0 0 ACCEPT tcp -- * * 0.0.0.0/0 192.168.12.1 tcp dpt:80 6 333 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy ACCEPT 529 packets, 39855 bytes) pkts bytes target prot opt in out source destination 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 webstr: url www.mega-porno.ru/ reject-with tcp-reset 68538 91M out_traffic all -- br0 * 0.0.0.0/0 0.0.0.0/0 36228 7726K in_traffic all -- * br0 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- br0 br0 0.0.0.0/0 0.0.0.0/0 127 5080 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID 0 0 ACCEPT udp -- * * 0.0.0.0/0 224.0.0.0/4 126K 109M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED 0 0 DROP all -- !br0 vlan2 0.0.0.0/0 0.0.0.0/0 9 436 SECURITY all -- !br0 * 0.0.0.0/0 0.0.0.0/0 ctstate NEW 9 436 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT 0 0 DROP all -- * br0 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 5134 packets, 2050K bytes) pkts bytes target prot opt in out source destination Chain BRUTE (1 references) pkts bytes target prot opt in out source destination 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 recent: UPDATE seconds: 600 hit_count: 3 name: BRUTE side: source 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 recent: SET name: BRUTE side: source Chain MACS (0 references) pkts bytes target prot opt in out source destination Chain SECURITY (2 references) pkts bytes target prot opt in out source destination 9 436 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 1/sec burst 5 0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x04 limit: avg 1/sec burst 5 4 471 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 5/sec burst 5 3 192 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 5/sec burst 5 69 18895 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain UPNP (0 references) pkts bytes target prot opt in out source destination Chain in_traffic (1 references) pkts bytes target prot opt in out source destination Chain logaccept (0 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW LOG flags 39 level 4 prefix `ACCEPT ' 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain logdrop (0 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW LOG flags 39 level 4 prefix `DROP ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain out_traffic (1 references) pkts bytes target prot opt in out source destination

åñëè ïóñòèòü iptables-save:

Code:

-A INPUT -d 192.168.12.1/32 -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -j DROP -A FORWARD -p tcp -m webstr --url www.mega-porno.ru/ -j REJECT --reject-with tcp-reset -A FORWARD -i br0 -j out_traffic

P.S. Â /tmp/local/ åñòü ôàéëû: inet_auto.sh, inet_off.sh, inet_on.sh Â êîòîðûõ êðèïòèêè îò èìåâøèõ ìåñòî âûøå èäåé êàê "óáèâàòü" äåòÿì èíòåðíåò. Ñèñòåìà ÷èòàÿ, êðîìå ïðîøè Îëåãîâîé è ïðîã äëÿ ÷àéíèêà íè÷åãî ñàìîñòîÿòåëüíî áîëüøå íå ïðèêðó÷èâàëîñü.

1 Attachment(s)

Òàê è íå ïîëó÷èâ òîëêó, ðåøèë çàéòè ñ äðóãîé ñòîðîíû è ñäåëàòü âñ¸ òîïîðíî:
Ñîçäàë àáñîëþòíûå ïðàâèëà:

Attachment 9180

Äîáàâèë èñêëþ÷åíèÿ:

Code:

nano /tmp/local/inet_auto.sh

Code:

iptables -I FORWARD -p tcp -m time --timestart 13:00:00 --timestop 14:00:00 --weekdays Mon,Tue,Wed,Thu,Fri -m webstr --url vk.com -j ACCEPT

Àâòîîòðàáîòêà ïðè ñòàðòå:

Code:

mv /tmp/local/inet_auto.sh /opt/etc/init.d/S99inet_rule.sh

Ïðèêðó÷èâàåì èñïîëíÿåìîñòü:

Code:

chmod +x /opt/etc/init.d/S99inet_rule.sh

Íó è âðåìåííóþ (íå÷åãî ïåðåä êîëëåãàìè ïàëèòüñÿ, ò.÷. ïóñü ïîâèñèò â îïåðàòèâå :) ) äûðêó ñåáå äåëàåì:

Code:

iptables -I FORWARD -p tcp -m mac --mac-source XX:XX:XX:XX:XX:XX -j ACCEPT

Ïðîâåðÿåì íàëè÷èå ïðàâèë íà âñÿêèé:

Code:

iptables-save

P.S. ñòàëè æàëîâàòüñÿ, ÷òî äî 9 âñ¸ ðàâíî íå ïóñêàåò èíòåðíåò :confused: ïëþíóë, ãðîõíóë ãëîáàëüíûå ïðàâèëà è â S99inet_rule.sh ïðîïèñàë èõ âðó÷íóþ ñ ïîòèðàíèåì ïðåäûäóùåãî:

Code:

iptables -I FORWARD -p tcp -m time --timestart 09:00:00 --timestop 13:00:00 --weekdays Mon,Tue,Wed,Thu,Fri -m webstr --url vk.com -j DROP iptables -I FORWARD -p tcp -m time --timestart 14:00:00 --timestop 17:00:00 --weekdays Mon,Tue,Wed,Thu,Fri -m webstr --url vk.com -j DROP

Quote:

Originally Posted by TVadim

Åùå ïðîùå, áåç êðîíà, äîáàâèòü ïðàâèëî:

Code:

iptables -I FORWARD -m time --timestart 22:00:00 --timestop 06:00:00 --days Mon,Tue,Wed,Thu,Fri,Sun,Sat -s 192.168.1.55 -j DROP

Èëè åùå ïðîùå ÷åðåç âåá ìîðäó íàñòðîèòü LAN to WAN ôèëüòð, ÷òî ýêâèâàëåíòíî ýòîìó ïðàâèëó, íî ïîìåùåííîìó â îïòèìàëüíîå ìåñòî â òàáëèöå, à íå â íà÷àëî.

ïûòàþñü ââåñòè äàííóþ êîìàíäó, âûäàåò îøèáêó:
iptables v1.4.3.2: unknown option `--Days'
ìîÿ ïðîøèâêà: 1.9.2.7-rtn-r3300
Ïî âñåé âèäèìîñòè íå çíàåò êîìàíäó äýéñ, êàêóþ æå òîãäà èñïîëüçîâàòü?

Ðàçîáðàëñÿ ñàì, âìåñòî days, èñïîëüçîâàòü weekdays

êàê ñäåëàòü, ÷òîáû äîïóñòèì ñ 21-00 ïî 6-00 âñå çàïðîñû ñ îïðåäåëåííîãî ip ïåðåíàïðàâëÿëèñü òîëüêî íà îäèí ñàéò èëè îäíó ñòðàíèöó ñàéòà?

Äåíü äîáðûé âñåì!

Èìååòñÿ ASUS WL500GpV2, íà íåì ïðîøèâêà îò Îëåãà+ýíòóçèàñòû 1.9.2.7-rtn-r4772
Ïîäêëþ÷åí ê Èíòåðíåò ïî ñòàíäàðòíîìó WAN-ïîðòó.

Âîò òàêàÿ êîíñòðóêöèÿ (ñ ôèëüòðàöèåé ïî IP) ðàáîòàåò:
iptables -I FORWARD -m time --timestart 17:00:00 --timestop 17:05:00 --weekdays Mon,Tue,Wed,Thu,Fri,Sun,Sat -s 192.168.1.10 -j DROP

À âîò òàêàÿ (ñ ôèëüòðàöèåé ïî MAC) - íå ðàáîòàåò:
iptables -I FORWARD -m time --timestart 17:00:00 --timestop 17:05:00 --weekdays Mon,Tue,Wed,Thu,Fri,Sun,Sat -m mac --mac-source 00:11:12:18:25:43 -o ppp0 -j DROP
(ÌÀÊ-àäðåñ èçìåíåí).

À áåç àðãóìåíòîâ "-o ppp0", â òàêîì âèäå:
iptables -I FORWARD -m time --timestart 17:31:00 --timestop 17:32:00 --weekdays Mon,Tue,Wed,Thu,Fri,Sat,Sun -m mac --mac-source 00:11:12:18:25:43 -j DROP
ðàáîòàåò!

×òî-òî íå òàê ñ ýòèì "-o ppp0"... Íàâåðíîå, íåò òàêîãî èíòåðôåéñà (òî÷íåå - çîâåòñÿ îí èíà÷å). Â ÷åì âîîáùå èäåÿ çàäàâàòü âûõîäíîé èíòåðôåéñ, åñëè áåç ýòîãî ïàðàìåòðà âûõîä â Èíòåðíåò áëîêèðóåòñÿ, à âíóòðåííÿÿ ñåòü - äîñòóïíà?

Ëèíóêñ ÿ ïðàêòè÷åñêè íå çíàþ. Äîêóìåíòàöèþ íà iptables ïî÷èòàë, â ÷åì ïðè÷èíà - íå ïîéìó.

Ãì, à çà÷åì âàì " -o ppp0"?
-o - èñõîäÿùèé èíòåðôåéñ (-out-interface)
ppp0 - ïðîòîêîë PPPoE

P.S. à ÷òî âû âîîáùå õîòèòå ïîëó÷èòü:confused:

Quote:

Originally Posted by vet1969

×òî-òî íå òàê ñ ýòèì "-o ppp0"... Íàâåðíîå, íåò òàêîãî èíòåðôåéñà (òî÷íåå - çîâåòñÿ îí èíà÷å).

Òàê ïîñìîòðèòå, ÷òî ñêàæåò ifconfig

Quote:

Originally Posted by PTZ-M

Ãì, à çà÷åì âàì " -o ppp0"?

Äëÿ ïðåêðàùåíèÿ îòñûëêè çàïðîñîâ âî âíåøíèé ìèð.
Íåò çàïðîñîâ - íåò îòâåòîâ.

Quote:

Originally Posted by bbsc

Òàê ïîñìîòðèòå, ÷òî ñêàæåò ifconfig

Ìíå íåïîíÿòíî, êóäà äîëæåí íàïðàâëÿòüñÿ ïîòîê. ÈÌÕÎ - â êàêîé-òî Null...

ifconfig ñêàçàë ñëåäóþùåå:

PHP Code:

br0 Link encap:Ethernet HWaddr 00:22:15:13:AA:BA inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:3689345 errors:0 dropped:0 overruns:0 frame:0 TX packets:2047726 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:3063447921 (2.8 GiB) TX bytes:436672763 (416.4 MiB) eth0 Link encap:Ethernet HWaddr 00:22:15:13:AA:BA UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:5743009 errors:0 dropped:0 overruns:0 frame:0 TX packets:5640069 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:3593512290 (3.3 GiB) TX bytes:3554421943 (3.3 GiB) Interrupt:4 Base address:0x1000 eth1 Link encap:Ethernet HWaddr 00:22:15:13:AA:BA UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:19735 errors:0 dropped:0 overruns:0 frame:484848 TX packets:44910 errors:26 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:3014748 (2.8 MiB) TX bytes:16184498 (15.4 MiB) Interrupt:13 Base address:0x5000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1 RX packets:5490 errors:0 dropped:0 overruns:0 frame:0 TX packets:5490 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2568623 (2.4 MiB) TX bytes:2568623 (2.4 MiB) vlan0 Link encap:Ethernet HWaddr 00:22:15:13:AA:BA UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:3670918 errors:0 dropped:0 overruns:0 frame:0 TX packets:2040902 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:3076305205 (2.8 GiB) TX bytes:440737709 (420.3 MiB) vlan1 Link encap:Ethernet HWaddr 00:22:15:13:AA:BA inet addr:111.11.112.123 Bcast:111.11.112.255 Mask:255.255.254.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2072079 errors:0 dropped:0 overruns:0 frame:0 TX packets:3599167 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:413831656 (394.6 MiB) TX bytes:3113684234 (2.8 GiB)

Íà "lo" îòïðàâëÿòü ïîòîê?

"Ðàáîòàåò\íå ðàáîòàåò" ïðîâåðÿë ïèíãîì yandex.ru ñ íîóòáóêà, ïîäêëþ÷åííîãî ÷åðåç Wi-Fi ê WL500GpV2.

Ïîýêñïåðåìåíòèðîâàë:
Ïî ïðåäâàðèòåëüíûì òåñòàì ïðåêðàñíî ðàáîòàåò "-o vlan1"

Âå÷åðîì ïðîâåðþ íà ðåàëèÿõ, êàê âñå áóäåò ðàáîòàòü.

Ñïàñèáî îòâåòèâøèì. ß òîëüêî ïðîáóþ ðàçîáðàòüñÿ.

Quote:

Originally Posted by vet1969

Ïî ïðåäâàðèòåëüíûì òåñòàì ïðåêðàñíî ðàáîòàåò "-o vlan1"

-o ppp0 - ýòî äëÿ ïîäêëþ÷åíèÿ ÷åðåç PPPoE/PPTP.
Âåðîÿòíî, ó Âàñ ïðÿìîå ïîäêëþ÷åíèå, ïîýòîìó èíòåðôåéñ vlan1.

È òàê, îò÷èòàþñü.
Ìíå î÷åíü ïîíðàâèëàñü êîíñòðóêöèÿhttp://wl500g.info/showthread.php?25...736#post193736 óâàæàåìîãî bbsc, è ÿ åå íåìíîãî ìîäèôèöèðîâàë ïîä ñâîè íóæäû, ïîñêîëüêó ×èëäðåíà ó ìåíÿ äâà, îäíîìó íóæíî ëîæèòñÿ ïîðàíüøå, à äðóãîìó ìîæíî ïîïîçæå è ó ñòàðøåãî èìååòñÿ êîìï, òåëåôîí è ïëàíøåò...
Ïîëó÷èëîñü âîò òàê, ïåðâûé âå÷åð - ïîëåò íîðìàëüíûé:
Â /usr/local/sbin/post-firewall ó ìåíÿ òîëüêî ýòî:

Code:

#!/bin/sh iptables -N Child1 iptables -A Child1 -j DROP iptables -N Child2 iptables -A Child2 -j DROP iptables -N Child3 iptables -A Child3 -j DROP iptables -I FORWARD -m mac --mac-source XX:XX:XX:XX:XX:01 -o vlan1 -j Child1 iptables -I FORWARD -m mac --mac-source XX:XX:XX:XX:XX:02 -o vlan1 -j Child2 iptables -I FORWARD -m mac --mac-source XX:XX:XX:XX:XX:03 -o vlan1 -j Child2 iptables -I FORWARD -m mac --mac-source XX:XX:XX:XX:XX:04 -o vlan1 -j Child2 iptables -I FORWARD -m mac --mac-source XX:XX:XX:XX:XX:05 -o vlan1 -j Child3 iptables -I FORWARD -m mac --mac-source XX:XX:XX:XX:XX:06 -o vlan1 -j Child3 ## Âêëþ÷àåì ðåáåíêó èíòåðíåò ïî âðåìåíè iptables -I Child1 -m time --timestart 10:00:00 --timestop 23:30:00 --weekdays Fri,Sat -j RETURN iptables -I Child2 -m time --timestart 10:00:00 --timestop 01:30:00 --weekdays Fri,Sat -j RETURN iptables -I Child3 -m time --timestart 08:00:00 --timestop 02:30:00 --weekdays Fri,Sat -j RETURN iptables -I Child1 -m time --timestart 08:00:00 --timestop 22:30:00 --weekdays Sun,Mon,Tue,Wed,Thu -j RETURN iptables -I Child2 -m time --timestart 08:00:00 --timestop 00:30:00 --weekdays Sun,Mon,Tue,Wed,Thu -j RETURN iptables -I Child3 -m time --timestart 08:00:00 --timestop 01:30:00 --weekdays Sun,Mon,Tue,Wed,Thu -j RETURN

Íà ýòàïå îòëàäêè â post-firewall ðàçìåñòèë çàêîìåíòèðîâàííóþ òàáëè÷êó ñ ÌÀÊàìè ìîèõ æåëåçîê. Êðîìå òîãî, Child3 - ýòî ìîè êîìï è íîóòáóê, äëÿ òåñòà, îòëàäêè è êîíòðîëÿ.
Èçÿùíîñòü êîíñòðóêöèè â òîì, ÷òî äëÿ êàæäîãî ðåáåíêà ìû îïèñûâàåì ÌÀÊè åãî æåëåçîê, à îòäåëüíî ñîñòàâëåÿåìîå ðàñïèñàíèå äåéñòâóåò äëÿ âñåõ ýòèõ æåëåçîê.

Ñêðèïòû äëÿ èñêëþ÷åíèé èç ðàñïèñàíèÿ (OFF; OFFF; ON) ïðåäëîæåííûå bbsc ÿ ïîêà òåñòèðóþ (èõ òàêæå òðè êîìïëåêòà - äëÿ êàæäîãî ðåáåíêà ñâîé íàáîð). Ó ìåíÿ åñòü ïîäîçðåíèå, ÷òî ñòîèò ìíå îäèí ðàç âêëþ÷èòü (ñêðèïòîì ON) äîñòóï ê Èíòåðíåò, è îí îñòàíåòñÿ âêëþ÷åííûì äî ïåðåçàãðóçêè ðîóòåðà, èëè äî îòìåíû ïðàâèëà. À ñêðèïò OFF ïðàâèëî çàïðåòà íå îòìåíÿåò, à äîáàâëÿåò åùå îäíî - ðàçðåøàþùåå (ÿ äóá â ýòîì âîïðîñå, ìîæåò êàê ðàç âñå áóäåò ïðàâèëüíî ðàáîòàòü...).

Äàáû äàëåêî íå èñêàòü, ïîêàæó ïðåäëîæåííûå bbsc ñêðèïòû çäåñü.
Ñêðèïò On1 (äëÿ ïåðâîãî ÷èëäðåíà):

Code:

#!/bin/sh iptables -F Child1 iptables -A Child1 -j RETURN iptables -L Child1 && echo -e "Internet äëÿ Child1 ÂÊëþ÷åí\n"

Ñêðèïò Off1:

Code:

#!/bin/sh iptables -F Child1 iptables -A Child1 -j DROP ### Âî âðåìÿ äåéñòâèÿ ëåòíåãî âðåìåíè ñðàáàòûâàåò íà 1 ÷àñ ïîçæå: iptables -I Child1 1 -m time --timestart 08:00:00 --timestop 22:00:00 --days Sun,Mon,Tue,Wed,Thu,Fri,Sat -j RETURN echo iptables -L Child1 && echo -e "Internet äëÿ Child1 ñ 8 äî 22\n"

Íó è ñêðèïò Offf1:

Code:

#!/bin/sh iptables -F Child1 iptables -A Child1 -j DROP echo iptables -L Child1 && echo -e "Internet äëÿ Child1 ÂÛêëþ÷åí ÑÎÂÑÅÌ\n"

Âñå îïèñàííîå ïðîâåðÿëîñü íà ïîñëåäíåé ïðîøèâêå îò Îëåãà è Ýíòóçèàñòîâ (1.9.2.7-rtn-r4772). Ïîäêëþ÷åíèå ê Èíòåðíåò ïðîâàéäåðó ÷åðåç ñòàíäàðòíûé WAN-ïîðò, òèï ïîäêëþ÷åíèÿ - "Automatic IP". Äëÿ ðàáîòû âíåøíèé íàêîïèòåëü íå íóæåí (âèí÷åñòåð èëè ôëåøêà).

Quote:

Originally Posted by vet1969

Ó ìåíÿ åñòü ïîäîçðåíèå, ÷òî ñòîèò ìíå îäèí ðàç âêëþ÷èòü (ñêðèïòîì ON) äîñòóï ê Èíòåðíåò, è îí îñòàíåòñÿ âêëþ÷åííûì äî ïåðåçàãðóçêè ðîóòåðà, èëè äî îòìåíû ïðàâèëà. À ñêðèïò OFF ïðàâèëî çàïðåòà íå îòìåíÿåò, à äîáàâëÿåò åùå îäíî - ðàçðåøàþùåå

Âû âñ¸ ïðàâèëüíî ïîíÿëè. Òîëüêî OFF "åù¸ îäíî" íå äîáàâëÿåò, èáî ïåðåä äîáàâëåíèåì òàáëèöó îïóñòîøàåò.
Íàçíà÷åíèå ñêðèïòîâ çàäóìûâàëîñü òàêèì:
ON - äëÿ Âêëþ÷åíèÿ äîñòóïà âíå çàâèñèìîñòè îò âðåìåíè.
OFFF - äëÿ ÂÛêëþ÷åíèÿ äîñòóïà âíå çàâèñèìîñòè îò âðåìåíè.
OFF - äëÿ îòìåíû äåéñòâèÿ ON/OFFF è ïåðåõîäà ê îãðàíè÷åíèþ ïî âðåìåíè ïî óìîë÷àíèþ.

Ñêðèïòû çàïóñêàëèñü ñ òåëåôîíà (ñ óëèöû, èç ìàðøðóòêè, àâòîìîáèëÿ, â ò.÷. âî âðåìÿ ðàçãîâîðà ñ ðåáåíêîì), ïîýòîìó êîðîòêèå íàçâàíèÿ è áîëüøèå áóêâû äëÿ èñêëþ÷åíèÿ ïóòàíèöû.