Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Firewall rules definition file

    Firewalling
    5
    6
    6.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sirocco
      last edited by

      Where are stored firewall rules? I will change these rules with cron scripts to allow/disallow p2p overnight.

      Regards,

      Robert

      1 Reply Last reply Reply Quote 0
      • J
        jeroen234
        last edited by

        config.xml

        1 Reply Last reply Reply Quote 0
        • H
          hoba
          last edited by

          you might want to have a look at this from the m0n0 wiki http://wiki.m0n0.ch/wikka.php?wakka=PoorMansTimeBasedRules and do something similiar to this. however this is somehow "dirty"  ;)

          1 Reply Last reply Reply Quote 0
          • M
            mtnbkr
            last edited by

            @hoba:

            you might want to have a look at this from the m0n0 wiki http://wiki.m0n0.ch/wikka.php?wakka=PoorMansTimeBasedRules and do something similiar to this. however this is somehow "dirty"  ;)

            Ouch!  "dirty"?  That hurts!  :(

            the choice was to either "do nothing" or "solve the problem" when my client required a time-based rules solution and I didn't want to move away from m0n0wall and the WRAP it was recently installed on.

            I know this is the wrong forum for m0n0wall discussions, but I would appreciate comments/suggestions.  I realize that my solution is pretty "unorthodox" - but "dirty?"

            At least I advocated HTTPS and protecting the script and .wgetrc file.

            heh  :)

            –
            Bill Arlofski
            mtnbkr on #m0n0wall on Freenode irc

            1 Reply Last reply Reply Quote 0
            • H
              hoba
              last edited by

              Sorry, I really didn't want to say your work sucks but you also called it "poor man's timebased rules". Maybe "dirty" wasn't the right word for this, it's just not integrated and might be a bit complicated for the novice user. I apologize for that  :'(

              1 Reply Last reply Reply Quote 0
              • T
                thuskey
                last edited by

                Here are my parental control rules, maybe this will help get you started.

                /root/parental:

                #!/bin/sh

                /bin/date >> /root/parental.out

                case $1 in

                goodnight) echo "blocking children";
                        /sbin/kldload ipfw ;
                        /sbin/ipfw add 5 deny tcp from 192.168.1.202 to any;
                        /sbin/ipfw add 5 deny tcp from 192.168.1.205 to any;;

                goodmorning) echo "allowing children";
                        /sbin/kldunload ipfw ;;

                *) echo "nothing to do";;

                esac
                exit 0

                crontab:

                home brew parental control

                59 20 * * 0-4 /root/parental goodnight >> /root/parental.out
                59 23 * * 5-6 /root/parental goodnight >> /root/parental.out
                59 5 * * * /root/parental goodmorning  >> /root/parental.out

                Just for clarification:

                1. the PF rules that you setup in the web gui take priority before the ipfw rules.
                2. this example will not coexist with the captive portal without modification, which I do not use anyway.

                Travis Huskey
                http://www.travishuskey.com

                Independent Associate
                PrePaid Legal Services, Inc.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.