Time based captive portal for kids internet?

[moritz]

Hi,

I want to use the captive portal to restrict the online time of the kids network. Using the vouchers is working but solves only half of the problem.

I want to have a fixed time (say 2-5 pm) where the internet is available in the kids network ideally without using vouchers. Afterwards I want to extend the internet time sometimes by 45 min or 2x45 min etc by giving vouchers, but not on a daily basis.

Does anybody have an idea how to achieve this using OPNsense 24.1?

Thanks a lot.

[chemlud]

Deliver IPs based on MAC of devices and have scheduled firewall rules for these IPs and the services (ports) you want to regulate. You can adjust the time for the schedules. Have an eye on the states after access expires, otherwise the party will last until states expire...

[Monviech (Cedrik)]

I remember vividly how I abused this state expiration as a teenager (without knowing what it is) because I could stay logged on in the MMORPG I was playing far after the schedule for internet expired. xD

[chemlud]

...in pfsense I had a cron job one min after the FW expired (don't remember if scheduled allow or deny rules though...) that killed states for the specific IPs in question. Later that didn't work well and I established cron jobs to kill ALL states when rules expired.

Nowadays the scheduled rules for isolated IP are gone, kiddies grown up, but the cron jobs remind during nighttime frequently that IT'S LATE NOW, GO TO BED... :-D

PS: how-to for CRON job for state killing

https://forum.opnsense.org/index.php?topic=10740.msg49334#msg49334

...and nano is installed by default nowadays iirc.

[moritz]

Thanks for the input. I guess I will check if can create some cronjob based script magic with the API. Found some captive portal API interaction here: https://ask.linuxmuster.net/t/opnsense-captive-portal-per-api-steuern-reloaded-howto/9590