Date: Thu, 03 Mar 2005 16:26:52 -0600 From: Ryan Winograd <rylwin@houston.rr.com> To: freebsd-ipfw@freebsd.org Subject: Re: time policies Message-ID: <42278F2C.1050604@houston.rr.com> In-Reply-To: <20050303120033.5E23C16A4E6@hub.freebsd.org> References: <20050303120033.5E23C16A4E6@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Urban Engemyr, Chris is right. Crontab is your answer._BSD HACKS_ (published by O'Reilly) explains how to automatically change firewalls rules at certain times in hack #64 "Script IP Firewall Rulesets." Let's assume a very simple situation: you either allow traffic or block it. step 1: create to rulesets - /etc/ipf.rules.allow - /etc/ipf.rules.block step 2: the first script (block access) #!/bin/sh # replace the ipf.rules file cp /etc/ipf.rules.block /etc/ipf.rules # now have ipf re-read the rules file ipf -Fa -f /etc/ip.rules For the other script, replace ipf.rules with ipf.rules.allow. This is, of course, a simple example, but feel free to make it as complicated as you wish Hope this is helpful! Ryan > >Message: 1 >Date: Wed, 2 Mar 2005 20:28:06 +0100 >From: "Urban Engemyr" <urban.engemyr@ecr-consulting.se> >Subject: time policies >To: <freebsd-ipfw@freebsd.org> >Message-ID: > <03A9E4B63BABC943BEC0C8A8EE428947016780@ecrex01.ecr-consulting.se> >Content-Type: text/plain; charset="us-ascii" > >Hi, > >Is it possible to have ipfw rules that are enabled during certain times >only? > >Regards >Urban > > >------------------------------ > >Message: 2 >Date: Wed, 2 Mar 2005 21:32:12 +0200 >From: "Chris Knipe" <savage@savage.za.org> >Subject: Re: time policies >To: <freebsd-ipfw@freebsd.org> >Message-ID: <000c01c51f5e$890db150$0a01a8c0@ops.cenergynetworks.com> >Content-Type: text/plain; format=flowed; charset="iso-8859-1"; > reply-type=original > >Crontab? > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42278F2C.1050604>