Both sides previous revision Previous revision Next revision | Previous revision |
linux_router:nftables_control [2021-01-24 Sun wk03 14:00] – [Disable Range of IP addresses, with count-down timer] baumkp | linux_router:nftables_control [2023-04-30 Sun wk17 17:43] (current) – external edit 127.0.0.1 |
---|
| {{tag>linux nft nftables nmap}} |
=====NFTables IP Control===== | =====NFTables IP Control===== |
I primarily set this feature up to act as a form of parental control on my home internet access. | I primarily set this feature up to act as a form of parental control on my home internet access. |
| |
''crontab'' is finicky! crontab does not necessary use BASH and the full path to the command must be given for reliable performance. Further to this cron error messages are sent to the system mail server, so if this is not setup or otherwise not working the error message go nowhere. Systemd has a service to redirect output of cron jobs to systemd's journal: ''/usr/bin/systemd-cat -t controllist'', again the full path is given. The command path can be found using ''which'', e.g. ''which nft''. In any case the final crontab command entry would look like: ''/usr/bin/systemd-cat -t controllist /home/baumkp/controllist.sh'', remembering everything after the 5th space is passed to the system shell command interpreter. | ''crontab'' is finicky! crontab does not necessary use BASH and the full path to the command must be given for reliable performance. Further to this cron error messages are sent to the system mail server, so if this is not setup or otherwise not working the error message go nowhere. Systemd has a service to redirect output of cron jobs to systemd's journal: ''/usr/bin/systemd-cat -t controllist'', again the full path is given. The command path can be found using ''which'', e.g. ''which nft''. In any case the final crontab command entry would look like: ''/usr/bin/systemd-cat -t controllist /home/baumkp/controllist.sh'', remembering everything after the 5th space is passed to the system shell command interpreter. |
| |
example ++++ ''sudo crontab -e'' | | ++++ example: ''sudo crontab -e'' | |
<code> | <code> |
# Edit this file to introduce tasks to be run by cron. | # Edit this file to introduce tasks to be run by cron. |
# 30 23 * * 5-6 /usr/bin/systemd-cat -t controllist /home/baumkp/controllist.sh 5h30m | # 30 23 * * 5-6 /usr/bin/systemd-cat -t controllist /home/baumkp/controllist.sh 5h30m |
# 30 22 * * 0-4 /usr/bin/systemd-cat -t controllist /home/baumkp/controllist.sh 6h30m | # 30 22 * * 0-4 /usr/bin/systemd-cat -t controllist /home/baumkp/controllist.sh 6h30m |
</code> | </code> ++++ |
| |
| The crontab files are stored at ''/var/spool/cron/crontabs/$USER''. You should not edit these files directly, use ''crontab -e'' for current user or ''sudo crontab -e'' for root. |
| |
====Limit Rate on IP Address Range==== | ====Limit Rate on IP Address Range==== |