IPFW Time-Range
Dan Nelson
dnelson at allantgroup.com
Sat Jul 22 17:40:35 UTC 2006
In the last episode (Jul 22), Pelekh Volodya said:
> Hi
> My name is Volodya, i'am from Ukraine
> I have a little question,
> do you plan to add time-range in ipfw?
> Something like in Cisco
> thanks
> wait for answer
One way to do what you want is to put your time-sensitive rules in a
separate set:
ipfw add 500 set 1 reset ip from any to any dst-port 554 // block realaudio streams
Then use cron to enable/disable them during your timerange:
0 8 * * * root ipfw set enable 1
0 18 * * * root ipfw set disable 1
You can run "ipfw -S list" to see which sets are active at any time.
It would be nice to have this built into ipfw, though.
--
Dan Nelson
dnelson at allantgroup.com
More information about the freebsd-questions
mailing list