Limit connection by duration

[bpalob]

Good day,

I am desperately seeking a possibility to limit the connection by duration. For instance, I´d like to create an alias for all devices of my kids, and limit their usage to xx Minutes per day per device. Or even better, to create users, force them to login and get them a per account daily limit.

Is this something that can be done?

Thanks.

KR, Bruno
#

[Mitheor]

Maybe captive portal with vouchers?

https://docs.opnsense.org/manual/captiveportal.html

[bpalob]

This was my first attempt too... set this up last week for a few days. Did have issues with redirects that didn´t always work, with SSL, every device (Apple, Android, OSX, Windows) behaved a little different. Also I somehow managed to get the "parents" devices not to go through the captive portal. But I´d assume there must be an easier way. I can restrict times with the schedule and a firewall rule. Is there no way to simply say that each connected client belonging to Alias "Kids" disconnects after 60 Minutes and cannot reconnect until 09:00 the next day?

[marjohn56]

The problem is kids are smart and will find a way around most things. The only way I know of being totally secure is VLANs and separate Wifi networks. You can use a schedule to block all all traffic on a VLAN beween given times, there are some Wifi access points out there that have have multiple SSIDs that have built in schedulers and don't need VLANs.

[tong2x]

marjohn56 suggestion would be pretty much a safe bet other than giving voucher to your kids.

not possible to redirect to SSL website because it will break SSL rules, hence doing so will be illegal.

you could also add static mapping for your kids devices...
setup a firewall rule with schedules
restrict only out outgoing rules (to the Internet)
havent really tried "schedules" but there is an option in the firewall rules
(last two options in the firewall rule)

this way, they could still connect to your printer, if that is permitted

https://docs.opnsense.org/manual/firewall.html