Date: Wed, 3 May 2006 17:09:41 +0300 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: Atom Powers <atom.powers@gmail.com> Cc: Bryan Curl <bc3910@gmail.com>, freebsd-questions <freebsd-questions@freebsd.org> Subject: Re: ipfirewall tricks Message-ID: <20060503140941.GD58624@gothmog.pc> In-Reply-To: <df9ac37c0605022041u2fa68b83t4ad6e4291f65a3cf@mail.gmail.com> References: <51257d370605021635x126d6560ueffdba9285d763da@mail.gmail.com> <df9ac37c0605022041u2fa68b83t4ad6e4291f65a3cf@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2006-05-02 20:41, Atom Powers <atom.powers@gmail.com> wrote: >On 5/2/06, Bryan Curl <bc3910@gmail.com> wrote: >>I want to limit time my kids spend on the internet. >>The way I am doing it is to make varying, seperate ipf.rules files and >>install them from cron at the appropriate time. >>Problem is, if I make a change to one file, I generally have to update all >>the others accordingly. >> >>Is there a better way? I have read man ipf but didnt come out with any >>ideas. > > I would use pf and have something like this: > > pf.conf > ---- > block out all from <kids> to any > ---- > > crontab > ---- > pfctl -t kids -T add kids.ip.to.block > pfctl -t kids -T del kids.ip.to.allow > ---- > > You can also keep the IPs in a flat file and just tell pf to re-read > the file (or read a different file) to update the table. Ah, neat trick. This is exactly why tables are so cool :)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060503140941.GD58624>