Enable/Disable FW Rule based on IP being up/down



  • I am not sure if this can be done with any firewall, none of the ones I work with have this ability but was keen to know if anyone knows if something like this could be done.

    I would like to be able to enable/disable a particular firewall rule based on whether a particular IP is responding. I want to use this at home so that if the firewall could see that my XBOX is on it enables a specific firewall rule that restricts all network traffic except the XBOX to a specific down/up rate.

    I have already setup QoS etc which has helped but still find that gaming can suffer depending on other things happening on the network. Yes I could shape them etc but there are so many things that could chew up bandwidth in our household it's hard to account for and schedule them all and I don't want them shaped all the time.

    I have created this rule already that restricts all traffic except the XBOX and it works very well but I have to turn it on/off manually before and after I game. A way to automate this would be awesome, scheduling is no go as I don't know when I feel like jumping on for a gaming session or how long it would be for.

    Guessing it cant be done but thought i'd throw it out there anyway in case i'm missing something or suggest as a feature if there was enough support.
    Cheers!


  • Netgate Administrator

    There are a few things I could think of but all are pretty hacky if done via the GUI and probably wouldn't work well anyway.

    You could script it easily enough though I would think. Record a couple of php shell sessions to enable/disable the rules you need. Use a simple shell script to ping the xbox IP and playback the appropriate session. Run the script via cron at suitable intervals.

    Steve



  • Great idea, thanks Steve i'll give that a go!