OPNsense Forum
English Forums => General Discussion => Topic started by: rolnics on November 06, 2019, 12:53:02 pm
-
Hello,
I hope someone can point me in the right direction or some tips.
Until recently I had a setup with pfsense but made the change to OPNsense so there are differences for this noob!
Basically I would like to be able to restrict certain IP's at certain times of the day - yes kids! :)
What I've done so far is used a traffic shaper to restrict bandwidth, with the aim of each user having their fair share and within that, I'll try and sort q's, but that's for another day. I've also setup static IP's and alias groups to try and make things easier.
My main aim and what I'm struggling with is how can I restrict or block internet access altogether, for example, night time periods? I can't seem to find a way to do it, I have setup some schedules, but I can't seem to see a way to bring the IP's and times together. I have seen another post that mentions "Bedtime" on the rpi, which I'll give it a go as I've already got pihole running, but it would be nice to keep this with the OPN box rather than another system to maintain, however, I'm also concerned that if I tinker too much I'll break something! But I suppose that's all part of the learning process as well!
Thanks for any help in advance.
-
I did bedtime a wee while ago. You'd need to put the php/perl scripts on the Pi-Hole to allow it to run as well as the relevant packages.
Details are here: https://github.com/bartsmit/bedtime/blob/master/INSTALL.md
Let me know if you get stuck,
Bart...
-
I can add it to the pi! Wow, will give it a try....
Although thing is, pi power, think I'm running a pi2, will it be too much for it? Thus the reason for using the OPN box, I could dig out another pi I have somewhere.
Thanks
-
The main bottleneck is the Ethernet adapter, since the traffic has to go to and from the Pi. If your offspring is numerous and they're all streaming 4K, you may have an issue.
I never saw any difference when I used it, in admittedly simpler times. See how far you get ;)
Bart...
-
I have fixed IPs and on top of the list a scheduled BLOCK rule for the respective IPs. Together with a cron job (set up with help of this forum) to clear states 1 min after the block rule kicks in... Works like a charm, as long as no MAC spoofing involved...