Scheduling IP blocking
Scheduling IP blocking
I am running RT2.9 on a Safecom wireless modem/router. I seem to recollect (altho I never used it) that the original fw had scheduling options for allowing/blocking by ip. Is this capability anywhere in the RT fw? My sons have fixed ips for their Xboxes and I would like to schedule a curfew time!
- thechief
- RouterTech Team
- Posts: 12067
- Joined: Wed Feb 01, 2006 10:22 pm
- Location: England, the Centre of Africa
- Contact:
Re: Scheduling IP blocking
I would just use rshaper or netshaper to throttle their bandwidth.
The Chief: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
No support via PM. Ask all questions on the open forum.
Re: Scheduling IP blocking
I can see in RT Configuration how to enable rshaper and netshaper, but having enabled one how do I then select the ip and time schedule?
- thechief
- RouterTech Team
- Posts: 12067
- Joined: Wed Feb 01, 2006 10:22 pm
- Location: England, the Centre of Africa
- Contact:
Re: Scheduling IP blocking
Details are in features.html.
The Chief: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
No support via PM. Ask all questions on the open forum.
Re: Scheduling IP blocking
features.htm gives me a sample command for throttling a particular ip. Nothing that I can see about an automatic time-based schedule, and in fact I'm not sure that the router maintains a 24 hour clock?! So I cannot see that I could do what I want to. If I have to issue the command manually then I could just as easily block traffic to that IP via the menu? I think I may have to give up on this . . . unless anyone knows better.
- thechief
- RouterTech Team
- Posts: 12067
- Joined: Wed Feb 01, 2006 10:22 pm
- Location: England, the Centre of Africa
- Contact:
Re: Scheduling IP blocking
The router most definitely maintains a 24 hour clock - after all, the firmware is a fully-fledged Linux operating system. Scheduling is done via "cron" (the crontab file is "/root_cron"). You can add entries to that file manually (in "crontab" format) to do your scheduling, or you can use the built-in commands "cronjob.sh" or "cronjob-env.sh". The latter makes the scheduled jobs persist between reboots of the router. So, for what you want to achieve, you can do something like:
The first command schedules a throttling of the bandwidth of 192.168.1.6 to 128 bytes per second at 21.00 hours everyday, and the second one removes the bandwidth throttling at 15.30 hours everyday. You only need to run these commands once. If you want to remove them, then you will need to run this: "unsetenv RT_cmd_5 && unsetenv RT_cmd_6", and then reboot the router.
For further information about "cron", see http://en.wikipedia.org/wiki/Cron
Code: Select all
cronjob-env.sh "rshaperctl 192.168.1.6 128" "0" "21" "*" "*" "*" "RT_cmd_5"
cronjob-env.sh "rshaperctl 192.168.1.6 0" "30" "15" "*" "*" "*" "RT_cmd_6"
For further information about "cron", see http://en.wikipedia.org/wiki/Cron
The Chief: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
No support via PM. Ask all questions on the open forum.
Re: Scheduling IP blocking
Brilliant: so I can run these commands from the Tools/RT Configurations/Run Command can I? Also how can I find out whether the clock is correctly set to local time (preferably from the browser menu)?
paulus22
paulus22
Re: Scheduling IP blocking
One final thing . . . . can I specify a day? (Ideally to give them a later curfew at weekends) and (very finally!) rather than switching this off with another command, would unchecking the rshaper box in the browser menu effectively suspend these commands, and reticking it later reactivating them (without re-entering)?
- thechief
- RouterTech Team
- Posts: 12067
- Joined: Wed Feb 01, 2006 10:22 pm
- Location: England, the Centre of Africa
- Contact:
Re: Scheduling IP blocking
I would not recommend that. You should do it from a telnet/ssh login session.paulus22 wrote:Brilliant: so I can run these commands from the Tools/RT Configurations/Run Command can I?
Enable "sntp" in the "Advanced" menu, and that will take care of things. To find out the time, run the "date" command (you can do this one from "Run Command").paulus22 wrote:Also how can I find out whether the clock is correctly set to local time (preferably from the browser menu)?
You can do virtually anything with cron and crontab files, and you can fine-tune it to the minutest detail. This will involve getting your hands dirty with the crontab syntax - but there are enough resources available on the web that explain its use (including the link I posted earlier).paulus22 wrote:One final thing . . . . can I specify a day? (Ideally to give them a later curfew at weekends)
It won't work. Actually, the rshaper box is a bit superfluous, as the kernel module is loaded on demand (i.e., when you run rshaperctl, the kernel module will be loaded if it wasn't loaded during the boot process). The easiest option is to disable cron, and then reboot.paulus22 wrote:and (very finally!) rather than switching this off with another command, would unchecking the rshaper box in the browser menu effectively suspend these commands, and reticking it later reactivating them (without re-entering)?
The Chief: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
No support via PM. Ask all questions on the open forum.
Re: Scheduling IP blocking
Decided to have my very first forray into telnet! FAILED - cannot even achieve a login. The firmware is the AR7WRD but my normal browser login and password doesn't get me logged in via telnet. I have never set a telnet login so what is the default login/password that telnet is looking for?
Re: Scheduling IP blocking
Worked it out! Now let's see where I can get to now!!
Re: Scheduling IP blocking
Successful! Well at least managed to enter all I needed to, and crontab reports that it's set up just as intended. Will wait and see whether the kids ask coded questions about whether I was "having trouble with the internet last night"!!!
Many thanks for all of your help,
paulus22
Many thanks for all of your help,
paulus22
Re: Scheduling IP blocking
My son's XBox has always been on a single ip (192.168.1.3) - which I have made static. Altho' he connects via DHCP the router seem to always remember his mac and reconnect to that ip. Hence I have made scheduling rules for that ip. However, having rebooted today I find that he has been connected to 192.168.1.4 - although in the table (Advanced/Lan Clients) it show a static ip 3 with his mac against it and a dynamic ip 4 also with his mac against it, and the real connection is to 4. Am I wrong is assuming that the router should force his ip to 3? how have we got into this situation? and how can I rectify it?
- thechief
- RouterTech Team
- Posts: 12067
- Joined: Wed Feb 01, 2006 10:22 pm
- Location: England, the Centre of Africa
- Contact:
Re: Scheduling IP blocking
I am not a networking guru, so I may be well off the mark - but this may have to do with lease times ...
The Chief: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
No support via PM. Ask all questions on the open forum.
- biro
- RouterTech Team
- Posts: 1274
- Joined: Wed Jan 25, 2006 10:03 pm
- Location: Letchworth Garden City, ENGLAND
- Contact:
Re: Scheduling IP blocking
Have you changed the DHCP range on the router?
if 192.168.1.3 isn't within the routers DHCP range then it won't issue it even when set as a static IP.
if 192.168.1.3 isn't within the routers DHCP range then it won't issue it even when set as a static IP.