Community discussions

MUM Europe 2020
 
elkolo23
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 69
Joined: Mon May 28, 2007 9:30 pm

drop by time

Sat Jul 21, 2007 6:53 am

i have these following rules

15 ;;; drop todo el ares de 4pm a 11pm
chain=forward src-address=192.168.10.0/24 p2p=warez
time=16h-23h59m,sat,fri,thu,wed,tue,mon,sun action=drop
DROP ARES BETWEEN 4PM-11PM
16 ;;; botar p2p de 8am a 10pm
chain=forward src-address=192.168.10.0/24 icmp-options=0:0 p2p=all-p2p
time=10h-21h59m,sat,fri,thu,wed,tue,mon,sun action=drop
DROP ALL P2P BETWEEN 8AM -10PM
17 ;;; aceptar p2p de 0am a 8am
chain=forward icmp-options=0:0 p2p=all-p2p
time=0s-7h59m,sat,fri,thu,wed,tue,mon,sun action=accept
ALLOW ALL P2P BETWEEN 00:00 TO 7:59AM

PROBLEM IS THAT DONT KNOW WHAT ORDER IS CORRECT BUT IT WILL ONLY DROP ARES AND P2P WITHOUT TIME INTERVAL..
ALSO IF I MOVE ACCEPT ALLP2P RULE UP WHICH SHOULD WORK JUST IN ITS TIME RANGE IT WILL ACCEPT ALL P2P ALL DAY AND WONT OBEY TIME RANGE I HAVE SET..

PLEASE HELP ME CAUSE P2P ARE KILLING MY AP.
 
User avatar
cholegm
Frequent Visitor
Frequent Visitor
Posts: 56
Joined: Thu Jul 19, 2007 7:43 pm
Location: Gornji Milanovac, Serbia
Contact:

Re: drop by time

Mon Jul 23, 2007 7:55 pm

Sorry but I don’t understand your question fully!



If I don’t wrong you want this!

You have priority numbers 0,1,2,3,...
0 is height
3 is lower

0 will be accept rule (ALLOW ALL P2P BETWEEN 00:00 TO 7:59AM)
1 will be drop rule (totally drop of P2P)

You can add more accept rules !!! place before 1 !!!

And you can add this:
/ip firewall filter
add chain=forward protocol=tcp p2p=all-p2p connection-limit=10,32 action=accept comment="" disabled=no

Connection limit for P2P connections in every second! 8)




I hope that I help you! :D


Best regards,
Mladen Colic
 
elkolo23
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 69
Joined: Mon May 28, 2007 9:30 pm

Re: drop by time

Tue Jul 24, 2007 11:21 pm

i want to drop in time range but now is not working,, it only drops if i dont put time range
 
User avatar
cholegm
Frequent Visitor
Frequent Visitor
Posts: 56
Joined: Thu Jul 19, 2007 7:43 pm
Location: Gornji Milanovac, Serbia
Contact:

Re: drop by time

Wed Jul 25, 2007 11:41 am

Ok

I see that I must write the script.
/ip firewall filter
add chain=forward action=accept p2p=all-p2p time=00:00-07:59,mon,tue,wed,thu,fri,sat,sun \
      comment="accept p2p from 00h-8h AM"
add chain=forward action=drop p2p=all-p2p comment="drop all p2p"
Try this!
 
abab_rafiq
Member Candidate
Member Candidate
Posts: 120
Joined: Thu Aug 24, 2006 12:47 pm
Location: Dhaka

Re: drop by time

Wed Jul 25, 2007 5:53 pm

You can also add another chain for p2p as
add chain=forward p2p=all-p2p action=jump jump-target=p2p

Then you can add any p2p rule there.

It will seperate your p2p rule from others.

Rafiq...

Who is online

Users browsing this forum: Bing [Bot], orionix and 141 guests