OPNsense Forum

English Forums => General Discussion => Topic started by: bitTwiddler on March 01, 2023, 02:25:22 AM

Title: Scheduled filtering by MAC address
Post by: bitTwiddler on March 01, 2023, 02:25:22 AM
Hello OPNsense gurus,

I would like to block internet access by MAC id during specific periods of the day (during testing and quizzes).  Is there a way to do that from the UI or the command line?  The latter would allow me to use cron to schedule the outages, the former would be fine as well.

Thanks!
Title: Re: Scheduled filtering by MAC address
Post by: chemlud on March 01, 2023, 08:36:07 AM
You can have scheduled allow rules, to be on the safe side I would add a cron job for killing all states 1 min after the block kicks in.

Hope your setup is MAC spoofing-proof... ;-)

The easiest way: pull the power plug of the access point.
Title: Re: Scheduled filtering by MAC address
Post by: bitTwiddler on March 01, 2023, 09:07:08 PM
I am not concerned with MAC spoofing at this point.  Good point on killing states.  Is that something that can be done with OPNsense using the command line or are you speaking of killing open network connections using Linux commands?

> The easiest way: pull the power plug of the access point.

Pulling the plug would mean no computer usage which is not at all the point.   8)

I was hoping that I could enable/disable firewall rules using an API as that would be slick and easy to encorporate into cron.
Title: Re: Scheduled filtering by MAC address
Post by: bitTwiddler on March 01, 2023, 11:13:40 PM
Digging further into the docs there _are_ API endpoints for the firewall.

https://docs.opnsense.org/development/api/core/firewall.html