Firewall rule with schedule
-
Hi all,
I'm now setting up a firewall rule in my office. By default, all network services are denied in LAN. One rule, called rule 1, is created to allow port 80 from any user in LAN, that is:
Proto = TCP
Source = *
Port = *
Destination = *
Port = 80
Gateway = *
Now, another rule called rule 2 is created to block port 80 during a certain period of time (3:00-4:00) with a schedule set.
Of course, rule 2 is before rule 1.
My case is that all users are blocked from using port 80 starting from 3:00. However, port 80 service cannot be resumed at 4:00 sharp. Port 80 service resumed very late, for instance, 4:30.
Do you know the reasons behind this? Any solutions to my problem?
Thank you.
-
I checked it last night; it was delayed 15 minutes, that is, the network service (port 80) resumed at 4:15.
I would appreciate it if anyone can tell me the way to resume on time without delay.
Many thanks.
-
When a scheduled rule exists, the following cron job is added:
0,15,30,45 * * * * root /etc/rc.filter_configure_sync
It only runs every 15 minutes, so schedules are actually only checked at 15-minute intervals.
I think the logic of the routine also "assumes" that 04:00 includes the whole "04:00:00-04:00:59.99" minute. So it does not think the rule should be removed until 04:01. Thus when the cron job runs at 04:00 it leaves the rule in effect. The next time it runs, at 04:15, the rule is removed.
Change the end time to 03:59 - that will effectively mean right up to 03:59:59.999…
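
The timing described in the reply above can be modelled in a few lines. This is an added example, not code from the thread or from the firewall itself. It assumes the ruleset is rebuilt only on the cron ticks quoted above and that the end minute is treated as inclusive, as the reply suggests; `effective_window` and `at` are hypothetical helper names. It goes slightly beyond the thread by also showing start times that fall between ticks.

```python
from datetime import datetime, timedelta

CRON_MINUTES = (0, 15, 30, 45)  # minute field of the cron line quoted above


def at(hhmm):
    """Build a datetime on a constructed sample date from 'HH:MM'."""
    return datetime.strptime("2000-01-01 " + hhmm, "%Y-%m-%d %H:%M")


def in_window(now, start, end):
    """Assumed schedule check: the end minute is inclusive,
    i.e. an end of 04:00 covers 04:00:00 through 04:00:59."""
    return start <= now.replace(second=0, microsecond=0) <= end


def effective_window(start, end, cron_minutes=CRON_MINUTES):
    """Return (applied_at, lifted_at) as traffic actually sees the rule,
    given that the schedule is only evaluated on cron ticks.
    Returns (None, None) if no tick ever lands inside the window."""
    tick = start.replace(minute=0, second=0, microsecond=0)
    limit = end + timedelta(hours=2)
    applied = None
    while tick <= limit:
        if tick.minute in cron_minutes:
            active = in_window(tick, start, end)
            if active and applied is None:
                applied = tick          # first tick that sees the rule as due
            elif not active and applied is not None:
                return applied, tick    # first tick that sees it as expired
        tick += timedelta(minutes=1)
    return applied, None


if __name__ == "__main__":
    for s, e in [("03:00", "04:00"), ("03:00", "03:59"),
                 ("03:05", "03:59"), ("03:05", "03:10")]:
        applied, lifted = effective_window(at(s), at(e))
        fmt = lambda t: t.strftime("%H:%M") if t else "never"
        print(f"schedule {s}-{e}: applied {fmt(applied)}, lifted {fmt(lifted)}")
```

Under these assumptions, a block window shorter than the cron interval and not covering a tick is never enforced at all, which matters when the scheduled rule is a deny rule.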