"The Linux Gazette...making Linux just a little more fun!"


(?) The Answer Guy (!)


By James T. Dennis, linux-questions-only@ssc.com
LinuxCare, http://www.linuxcare.com/


(?) Limiting Internet Access through Cable Modems

From Chris Dahl on Fri, 20 Aug 1999

I have a Linux box set up at home that is connected to the Internet through a Cable Modem. Myself and my kids share this connection through IP-Masquerading using Windows Clients. Is there a program, or option that will run on Linux that will allow me to control when they use the Internet and for how long?

Or is this better controlled through the workstation?

Chris

(!) There isn't an option or program that I know of. However, it should be possible to write some.
To limit them to specific times of the day I'd just set up a set of cron jobs that periodically remove and replace the routes and packet filters between your kids' systems and the Internet.
Let's say you give the kids' systems IP addresses like 192.168.2.*, and you give your own systems 192.168.1.* addresses. Now you can have cron jobs that add packet filtering REJECT statements that prevent the masquerading system from forwarding packets from the 192.168.2.0 network.
The exact rules would depend on your needs and the version of the Linux kernel that was running on your router.
Setting up limits own now long their connections are allowed to persist would be more challenging. I'd probably look at doing that using DHCP --- where you'd assign each kid's system an IP address (via it's ethernet MAC address) and you configure the leases so that they expire in a set time. Then you hack the DHCP daemon's code a bit so that it refuses to reissue those specific IP addresses within some other set time period (say, one day).
Another approach would be to hack up a copy of diald to just add and remove routes/IP masquerading entries (read through the sources, find out where it's calling the PPP daemon and replaces those system() calls --- or whatever they are, with your own calls to the ipfwadm or ipchains utilities. The same code that adds your masquerading entries can also use an 'at' command to schedule a time to remove them).
These don't sound like horribly difficult programs to write --- although it might be easier and ultimately more effective to enforce your household rules through old-fashioned parental supervision.


Copyright © 1999, James T. Dennis
Published in The Linux Gazette Issue 45 September 1999
HTML transformation by Heather Stern of Starshine Technical Services, http://www.starshine.org/


[ Answer Guy Index ] 1 2 3 4
5 6 7 8
9 10 11 12 13


[ Table Of Contents ] [ Front Page ] [ Previous Section ] [ Next Section ]