192.168.0.1 : router/firewall (connected 24/24)
192.168.0.5 : Kid's computer (connected 24/24... but I want to limit!)
192.168.0.6 : Parent's computer (connected 24/24)
QUESTION: How can I disable (I would use crontab to restarts iptables)
access to the web to 192.168.0.5 (say if I want to sadically limit my
children's access to the net)? Which command, before which line?
Script below, with line numbering. By default, access is 24/24...
1 #!/bin/sh
2 # Script recueillit et adapte de
3 #
http://www.linuxguruz.com/iptables/s...rewall_024.txt
4 INSMOD=/sbin/insmod
5 IPTABLES=/sbin/iptables
6
7 # Devices externes et interne
8 dev_extern="ppp0"
9 dev_intern="eth1"
10
11 # IP interne du pare-feu
12 addr_int=192.168.0.3
13
14 # Reseau de la maison
15 net_int=192.168.0.0/24
16
17
#-------------------------------------------------------------------------------
18 # Modules a charger
19 $INSMOD ip_tables
20 $INSMOD ip_conntrack
21 $INSMOD ip_conntrack_ftp
22 $INSMOD ipt_state
23 $INSMOD iptable_nat
24 $INSMOD ipt_MASQUERADE
25
26
#-------------------------------------------------------------------------------
27 # Flush de toutes les regles
28 $IPTABLES -F
29
30
#-------------------------------------------------------------------------------
31 # Definition de nouvelles chaines
32 $IPTABLES -N BLOCK
33
34
#-------------------------------------------------------------------------------
35 $IPTABLES -A BLOCK -m state --state ESTABLISHED,RELATED -j ACCEPT
36 $IPTABLES -A BLOCK -m state --state NEW -i ! $dev_extern -j ACCEPT
37 $IPTABLES -A BLOCK -j DROP
38
39 $IPTABLES -A INPUT -j BLOCK
40 $IPTABLES -A FORWARD -j BLOCK
41
42
#-------------------------------------------------------------------------------
43 # NAT
44 $IPTABLES -A POSTROUTING -t nat -o $dev_extern -j MASQUERADE -s
$net_int
45 echo 1 > /proc/sys/net/ipv4/ip_forward
46
Similar Threads
Linear Mode
