piezomotor
28-12-2007, 16:46
Hi, I refer to this forum: http://forum.x-wrt.org/index.php/topic,403.0.html
I would like to adapt this Internet restriction / parental control to my WL-500gP.
They were having such scripts:
control-internet.sh
#!/bin/sh
################################################## #########
# Control access from the LAN to the Internet (WAN)
#
# This script must be adapted to your configuration to fit your needs
# It can be used in a cron job or by the Webif^2 page Misc/Restrictions
#
# Usage: control-internet.sh [status|open|close|explain]
# status Returns 0 if traffic is allowed to the Internet
# open Open traffic to the Internet
# close Block traffic to the Internet
# explain Print info on stations blocked
#
# Author: Pierre Métras <p.metras@videotron.ca>
################################################## #########
case "$1" in
"status")
status=$(/usr/sbin/iptables -nvL | grep "DROP" | grep "192.168.1.3")
if [ "$status" = "" ]; then
exit 0
else
exit 1
fi
;;
"explain")
# Print information on blocked workstations
echo "192.168.1.3 (archibald) 192.168.1.4 (esmeralda)"
exit 0
;;
"open")
# Drop all rules blocking Internet access
/usr/sbin/iptables -D forwarding_rule -s 192.168.1.3 -j DROP 2> /dev/null
/usr/sbin/iptables -D forwarding_rule -d 192.168.1.3 -j DROP 2> /dev/null
/usr/sbin/iptables -D forwarding_rule -s 192.168.1.4 -j DROP 2> /dev/null
/usr/sbin/iptables -D forwarding_rule -d 192.168.1.4 -j DROP 2> /dev/null
exit 0
;;
"close")
# Add iptables rules to block Internet traffic
# If cutter package installed, then cut active connections
# cutter: http://www.lowth.com/cutter/
if [ -x /usr/sbin/cutter ]; then
/usr/sbin/cutter 192.168.1.3 2> /dev/null
/usr/sbin/cutter 192.168.1.4 2> /dev/null
fi
/usr/sbin/iptables -I forwarding_rule -s 192.168.1.3 -j DROP 2> /dev/null
/usr/sbin/iptables -I forwarding_rule -d 192.168.1.3 -j DROP 2> /dev/null
/usr/sbin/iptables -I forwarding_rule -s 192.168.1.4 -j DROP 2> /dev/null
/usr/sbin/iptables -I forwarding_rule -d 192.168.1.4 -j DROP 2> /dev/null
exit 0
;;
*)
echo "Usage: $0 [status|open|close]"
echo " status Status of bridge to the Internet (0 = open)"
echo " open Open traffic to the Internet"
echo " close Block traffic to the Internet"
echo " explain Print information on blocked hosts"
;;
esac
and also it would be nice to add an extra html internet control page:
misc-restrictions.sh
#!/usr/bin/webif-page
<?
################################################## #################
# Internet Access Restrictions
#
# Description:
# Allow or restrict Internet access.
#
# Call the user customized script /etc/control-internet.sh
# with the arguments "open", "close", "status" or "explain"
# to allow or not access to the Internet.
#
# Author(s) [in order of work date]:
# Pierre Metras <p.metras@videotron.ca>
#
# Major revisions:
# v1 Initial release
# v2 Better use of Webif controls
# Explain which hosts are controlled
#
# NVRAM variables referenced:
# None
#
# Configuration files referenced:
# None
#
# Satelite file:
# /etc/control-internet.sh must be adapted by the user to her
# network configuration.
################################################## #################
. /usr/lib/webif/webif.sh
header "Misc" "Restrictions" "@TR<<Restrictions>>" '' "$SCRIPT_NAME"
# Name of the satelite script
CONTROLINTERNET=/etc/control-internet.sh
# Initial Internet bridge status
################################
$CONTROLINTERNET status
status=$?
# Execute open/close action
###########################
case "$FORM_action" in
close)
if [ "$status" -eq "0" ]; then
$CONTROLINTERNET close
fi
;;
open)
if [ "$status" -eq "1" ]; then
$CONTROLINTERNET open
fi
;;
esac
explain=$($CONTROLINTERNET explain)
# New Internet bridge status
############################
$CONTROLINTERNET status
status=$?
if [ "$status" -eq "0" ]; then
statusmsg="@TR<<Internet access is currently open...>>"
selected="close"
else
statusmsg="@TR<<Internet access is currently closed...>>"
selected="open"
fi
# Display form
##############
display_form <<EOF
formtag_begin|controlinternet|$SCRIPT_NAME
start_form|@TR<<Internet Access>>
field|@TR<<Hosts>>
string|$explain
field
caption|$statusmsg
field|@TR<<Action>>
radio|action|$selected|close|@TR<<Close>>
radio|action|$selected|open|@TR<<Open>>
string| <input type="submit" value="@TR<<Submit>>" />
helptext|Internet-restriction#Select (Close) or (Open) buttons to allow or restrict Internet access.<br />You must adapt the file '$CONTROLINTERNET' to your configuration. Click the link below to edit this file.
helplink|http://$(nvram get lan_ipaddr)/cgi-bin/webif/system-editor.sh?path=/etc&edit=$CONTROLINTERNET
end_form
formtag_end
EOF
footer
?>
<!--
##WEBIF:name:Misc:100:Restrictions
-->
I did some adjustments to the above files and it looks like cron works. I can not ping the archibald or esmeralda but I can ping my ASUS.
The problem here is the cutter. Now my question would be how to install it?
Any help appreciated.
Thanks.
I would like to adapt this Internet restriction / parental control to my WL-500gP.
They were having such scripts:
control-internet.sh
#!/bin/sh
################################################## #########
# Control access from the LAN to the Internet (WAN)
#
# This script must be adapted to your configuration to fit your needs
# It can be used in a cron job or by the Webif^2 page Misc/Restrictions
#
# Usage: control-internet.sh [status|open|close|explain]
# status Returns 0 if traffic is allowed to the Internet
# open Open traffic to the Internet
# close Block traffic to the Internet
# explain Print info on stations blocked
#
# Author: Pierre Métras <p.metras@videotron.ca>
################################################## #########
case "$1" in
"status")
status=$(/usr/sbin/iptables -nvL | grep "DROP" | grep "192.168.1.3")
if [ "$status" = "" ]; then
exit 0
else
exit 1
fi
;;
"explain")
# Print information on blocked workstations
echo "192.168.1.3 (archibald) 192.168.1.4 (esmeralda)"
exit 0
;;
"open")
# Drop all rules blocking Internet access
/usr/sbin/iptables -D forwarding_rule -s 192.168.1.3 -j DROP 2> /dev/null
/usr/sbin/iptables -D forwarding_rule -d 192.168.1.3 -j DROP 2> /dev/null
/usr/sbin/iptables -D forwarding_rule -s 192.168.1.4 -j DROP 2> /dev/null
/usr/sbin/iptables -D forwarding_rule -d 192.168.1.4 -j DROP 2> /dev/null
exit 0
;;
"close")
# Add iptables rules to block Internet traffic
# If cutter package installed, then cut active connections
# cutter: http://www.lowth.com/cutter/
if [ -x /usr/sbin/cutter ]; then
/usr/sbin/cutter 192.168.1.3 2> /dev/null
/usr/sbin/cutter 192.168.1.4 2> /dev/null
fi
/usr/sbin/iptables -I forwarding_rule -s 192.168.1.3 -j DROP 2> /dev/null
/usr/sbin/iptables -I forwarding_rule -d 192.168.1.3 -j DROP 2> /dev/null
/usr/sbin/iptables -I forwarding_rule -s 192.168.1.4 -j DROP 2> /dev/null
/usr/sbin/iptables -I forwarding_rule -d 192.168.1.4 -j DROP 2> /dev/null
exit 0
;;
*)
echo "Usage: $0 [status|open|close]"
echo " status Status of bridge to the Internet (0 = open)"
echo " open Open traffic to the Internet"
echo " close Block traffic to the Internet"
echo " explain Print information on blocked hosts"
;;
esac
and also it would be nice to add an extra html internet control page:
misc-restrictions.sh
#!/usr/bin/webif-page
<?
################################################## #################
# Internet Access Restrictions
#
# Description:
# Allow or restrict Internet access.
#
# Call the user customized script /etc/control-internet.sh
# with the arguments "open", "close", "status" or "explain"
# to allow or not access to the Internet.
#
# Author(s) [in order of work date]:
# Pierre Metras <p.metras@videotron.ca>
#
# Major revisions:
# v1 Initial release
# v2 Better use of Webif controls
# Explain which hosts are controlled
#
# NVRAM variables referenced:
# None
#
# Configuration files referenced:
# None
#
# Satelite file:
# /etc/control-internet.sh must be adapted by the user to her
# network configuration.
################################################## #################
. /usr/lib/webif/webif.sh
header "Misc" "Restrictions" "@TR<<Restrictions>>" '' "$SCRIPT_NAME"
# Name of the satelite script
CONTROLINTERNET=/etc/control-internet.sh
# Initial Internet bridge status
################################
$CONTROLINTERNET status
status=$?
# Execute open/close action
###########################
case "$FORM_action" in
close)
if [ "$status" -eq "0" ]; then
$CONTROLINTERNET close
fi
;;
open)
if [ "$status" -eq "1" ]; then
$CONTROLINTERNET open
fi
;;
esac
explain=$($CONTROLINTERNET explain)
# New Internet bridge status
############################
$CONTROLINTERNET status
status=$?
if [ "$status" -eq "0" ]; then
statusmsg="@TR<<Internet access is currently open...>>"
selected="close"
else
statusmsg="@TR<<Internet access is currently closed...>>"
selected="open"
fi
# Display form
##############
display_form <<EOF
formtag_begin|controlinternet|$SCRIPT_NAME
start_form|@TR<<Internet Access>>
field|@TR<<Hosts>>
string|$explain
field
caption|$statusmsg
field|@TR<<Action>>
radio|action|$selected|close|@TR<<Close>>
radio|action|$selected|open|@TR<<Open>>
string| <input type="submit" value="@TR<<Submit>>" />
helptext|Internet-restriction#Select (Close) or (Open) buttons to allow or restrict Internet access.<br />You must adapt the file '$CONTROLINTERNET' to your configuration. Click the link below to edit this file.
helplink|http://$(nvram get lan_ipaddr)/cgi-bin/webif/system-editor.sh?path=/etc&edit=$CONTROLINTERNET
end_form
formtag_end
EOF
footer
?>
<!--
##WEBIF:name:Misc:100:Restrictions
-->
I did some adjustments to the above files and it looks like cron works. I can not ping the archibald or esmeralda but I can ping my ASUS.
The problem here is the cutter. Now my question would be how to install it?
Any help appreciated.
Thanks.