Question on Access Plans on Firewall (Kind of like an ISP)

Sam Couter sam at topic.com.au
Mon Jan 21 15:49:47 EST 2002


Peter Foley <pjfoley at austarmetro.com.au> wrote:
> My Parents are deciding to get Transact as well, and my mother has asked me
> to put together something that will be able to restrict my brother to only
> using the Net during certain times of the day and also give him a MB Limit.

 ... and a little box on the power cable of the TV so he can only watch
it at certain times? A time delay lock on the cookie jar?

 [ remaining rant withheld ]

> I am still siffting through all the docs that I found on IPTables, would the
> answers be in there?  So far I have not come across anything to suggest that
> IPTables can do this.

There is a feature in Linux called Traffic Shaping. Searching Google for
"traffic shaping linux" turns up heaps of stuff that looks pretty good
at a glance.

I don't know if you will be able to do your shaping based on users, but
you will be able to do it based on IP address. If your brother uses the
same computer as everyone else then either they'll have to live with the
same restrictions or you'll have to provide a way for them to be lifted.
A password protected CGI or something would probably do, depending on
how smart/determined your brother is.

Likewise, I don't know about time-based restrictions, but it's not hard
to write a script to modify the restrictions and run it at certain times
using cron. You could use a script as simple as
"echo 1 > /proc/sys/net/ipv4/ip_forward" to enable IP forwarding at the
appropriate time, and a similar script to disable it.
-- 
Sam "Eddie" Couter  |  mailto:sam at topic.com.au     |  I need a short and
Internet Engineer   |  jabber:eddiesam at jabber.org  |  clever comment for
tSA Consulting      |  http://www.topic.com.au/    |  my .signature file
OpenPGP fingerprint:  A46B 9BB5 3148 7BEA 1F05  5BD5 8530 03AE DE89 C75C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://lists.samba.org/archive/linux/attachments/20020121/38b24432/attachment.bin


More information about the linux mailing list