Firewall Rule Schedule
-
Wow intersting suggestion. Looks like I have a lot of learning to do. Would you happen to have a pointer to some documentation on Radius and captive portal within pfsense? Not a biggie if you don't, I'll look around anyway the captive portal forum.
thanks,
-
There are some tutorials about captive portal at our tutorial section: http://pfsense.com/index.php?id=36
-
I tried those links but none of them work. They just hang and never actually load anything. I tried the NCSA and the untouchables. Do you know of one that actually works?
thanks,
-
All of them work. You need flash as they are movies.
-
I have flash as other websites with flash work, and I don't get any prompting saying I need to download macromedia. Not sure what is wrong. I just get a blanks square with a click to activate dialog. After clicking it just hangs. If I disable flash, then I don't get the click to update dialog.
thanks anywy,
-
They work for me. Are you using Firefox or IE?
-
IE
-
Try Firefox. Works for me under it, and it's the best browser there is ;).
-
I too am intersted in this type of a feature. My bro-in-law and I are just trying to get this to work, as I want to limit my childrens access to the internet to "normal" hours. Here is our idea/progress.
We want to be able to set a begin and end time for each rule. We plan on using the enable button to effect the change. Upon the creation/modification for a rule we will create a new crontab file, if the begin/end times are blank, then nothing is written to the cron tab file for that rule. If they are filled in then entries in the crontab will be created for each begin/end time. This way we don't have to poll, just refresh the webpage at the given times in the rules table.
Status:
Add two columns to the firewall rules sheet to specify the begin/end times per rule (done)
Modify the web page so that the enable sets itself properly accorrding to the times set for the rule (done)
Write a contab file containing all the start/stop times. (done)What we have left to do is to get cron to read the crontab and refresh the webpage. For testing we did this from an XP machine, to refresh the webpage and see that the rule enable is set properly. This method requires you to log in everytime. Any suggestions on how to get this to work from a cron run and to get past the login authenticaton without leaving a huge security whole? When this last piece is done, it will be working.
Suggestions welcome for this last piece or comments if we have done something completely wrong.
thanks,
For this purpose, you can use IPCop with URL Filter add on.
I used IPCop for this purpose.
And my IPCop is behind pfsense, which supports multi-wan function. -
I use time based rules in a Juniper/Netscreen Firewall for a few reasons. I cannot use captive portal because I am not limiting just port 80, I have programs that use other ports and are unattended. But I am also limiting bandwidth per rule also. So that during business hours the firewall throttles to a lower bandwitdh than during the night for those ports. Aren't online backups fun.
Instead of refreshing some web page have your cron job either modify and apply /tmp/rules.debug or directly change the running rules at the times you specify.
It would be nice, but that would mean that traffic shapper would have to be used per rule and also have sheduling.
I am not holding my breath on this feature set. :PpfSense is a good firewall and I use it in most places.
-
I am working on this right now for HEAD version. I'll keep posted how my progress goes and when it will be available in releng.