Question on Access Plans on Firewall (Kind of like an ISP)

Peter Foley pjfoley at
Tue Jan 22 01:21:59 EST 2002

> Message: 5
> From: Sam Couter <sam at>
> Date: Mon, 21 Jan 2002 15:49:47 +1100

> Peter Foley <pjfoley at> wrote:
> > My Parents are deciding to get Transact as well, and my mother has asked
> me
> > to put together something that will be able to restrict my brother to
> > using the Net during certain times of the day and also give him a MB
> t.
>  ... and a little box on the power cable of the TV so he can only watch
> it at certain times? A time delay lock on the cookie jar?
>  [ remaining rant withheld ]

*Sigh*.  Where did that come from?  I dont know why you took the reason for
the question that way.

I believe that what they have asked me to do is perfectly ok.  What is wrong
with restricting access to the net?  Note that they have not asked me to
restrict sites that may be bad (Not that I would be able to do that, there
are so many ways to get around it) but just to put in a mechinism to
restricting times used and MBs downloaded.  He is free to use the time that
he has doing what ever he wants.  Plus the Plans for Webone and Netspeed are
not really conducive to a person who might start downloading lots of Warez
and MP3s (especially at a 512k link).

Anyway enough about that!.

> > I am still siffting through all the docs that I found on IPTables, would
> the
> > answers be in there?  So far I have not come across anything to suggest
> hat
> > IPTables can do this.
> There is a feature in Linux called Traffic Shaping. Searching Google for
> "traffic shaping linux" turns up heaps of stuff that looks pretty good
> at a glance.

Thanks sounds promising, will check it out.

> I don't know if you will be able to do your shaping based on users, but
> you will be able to do it based on IP address. If your brother uses the
> same computer as everyone else then either they'll have to live with the
> same restrictions or you'll have to provide a way for them to be lifted.
> A password protected CGI or something would probably do, depending on
> how smart/determined your brother is.

He has his own computer, I was going to setup some sort of Web front end for
registering the IP for access.

Although someone else in a reply suggested setting up a PPPoE Server which
might be a better option.  Will have to read up on that.


More information about the linux mailing list