Joined: 13 Nov 2008 Posts: 5266 Location: CENTRAL Midnowhere
Posted: Sun Feb 22, 2009 21:04 Post subject:
You have sidelined this into your own little issue, and have done so quite abnoxiously.
There is no need to go back to an old version of dd-wrt to accomplish what was being requested.
Sorry if you don't like that, but continuing to argue about an issue that you raised is basically trolling. I won't participate further in your responses. _________________ Warning: I'm "out of my element!"
http://www.youtube.com/watch?v=MjYJ7zZ9BRw&NR=1
Can you give me a tip on how to do this? Right now my computer is set to dynamic IP so I can't be sure of it's IP address at any given time. I also can't list all MAC addresses since that's unknown. The only solution I can think of is to give my PC a fixed IP and set a range of IPs that excludes mine. I much prefer to leave it dynamic, however, because ocassionally I use my laptop elsewhere where a dynamic IP is required. Thanks for your help.
My first post... in the middle of a flame war no less Go easy on me.
Easiest solution that I can think of... Keep your laptop dynamic. Just set DHCP reservations by MACs (both your Wired and WiFi) to keep the laptops whitelisted outside of your range of filtered IPs.
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
-Russ
Current DD-WRT Project...
1. WRT54GL v1.1 @ v24-sp1: Internet Gateway, DHCP 2 outof 3 VLANs
2. WRT54GL v1.1 @ v24-sp1: VLAN2 AP (tennant)
3. WRT54GL v1.1 @ v24-sp1: VLAN3 AP (public)
4. WRT54GL v1.1 @ v24-sp1: VLAN1 AP (primary)
5. WRT54GL v1.1 @ v24-sp1: VLAN1 AP WDS <- in progress
6. WRT54GL v1.1 @ v24-sp1: VLAN1 AP WDS <- in progress
7. Server2k3 Box: VLAN1 DHCP, VPN, RAS
Posted: Wed Feb 25, 2009 19:17 Post subject: access restriction help
This is my first post - so please go easy on me....
I just setup a Linksys WRT54GS with dd-wrt.v24_micro_generic and so far everything is working as I planned. But now I've come up with a problem and can't tell if it's how I have it setup or a limitation of the dd-wrt firmware.
I've got several wireless devices in the house and am wanting to block the kids access during certain times (I'm tried of catching them online at 3am on a school night). I've setup 2 Access Restrictions by MAC address (so only their computers are affected). I have these 2 policies setup:
1) Deny all internet access from 21:00 to 23:59
2) Deny all internet access from 00:00 to 06:00
I've got these setup every day.
The problem that I'm seeing is that my lease ttl is set to default of 1440 minutes and if either mac is already connected at 21:00 then the deny restriction doesn't seem to work, it only seems to work if they are not connected and are trying to connect. Is there a way for these policy's to drop an active connection or am I stuck lowering the lease time down to something like 30 or 60 minutes?
Joined: 13 Nov 2008 Posts: 5266 Location: CENTRAL Midnowhere
Posted: Wed Feb 25, 2009 20:01 Post subject:
kodo wrote:
You should update the firmware, probably there is a bug in the access restrictions.
While there were some bugs in access restrictions not working in some of the builds, they ae working in svn11296. _________________ Warning: I'm "out of my element!"
http://www.youtube.com/watch?v=MjYJ7zZ9BRw&NR=1
Joined: 13 Nov 2008 Posts: 5266 Location: CENTRAL Midnowhere
Posted: Wed Feb 25, 2009 20:43 Post subject:
Sorry...I missed your post about the lease times.
I do the exact same thing, and I do not have to change lease times. I block my kids by MAC address. Couple of things.
1. You cannot use access restrictions in a bridged mode router. Need to have it in Access point mode.
2. Make sure you enable the access restrictions at the top.
3. You have to enter the mac addresses on that separate page you get when you click on the client list, and be sure to hit apply, not just save.
You can see if they are working by the connection count on their computers. When the time hits to knock them off, connections drop quickly to 0 or close to it. Mine work well.
Svn11296 has proven to be one of the best builds for basic routers. I would suggest updating first, and then entering the data. You will have to do all them again (can't reload config files) if it doesn't work with the build you have. _________________ Warning: I'm "out of my element!"
http://www.youtube.com/watch?v=MjYJ7zZ9BRw&NR=1
Posted: Sun Mar 22, 2009 23:19 Post subject: Allow access to only a few websites?
I was wondering if the policy filters would allow me to make a policy that allows access to a few websites but denies access to all other websites (and local lan address as well).
So, basically allow http to yahoo.com and then deny everything else?
Is this possible?
Thanks,
JD
Joined: 13 Nov 2008 Posts: 5266 Location: CENTRAL Midnowhere
Posted: Mon Mar 23, 2009 1:34 Post subject: Re: Allow access to only a few websites?
jdjuggler wrote:
I was wondering if the policy filters would allow me to make a policy that allows access to a few websites but denies access to all other websites (and local lan address as well).
So, basically allow http to yahoo.com and then deny everything else?
Is this possible?
Thanks,
JD
Posted: Mon Mar 23, 2009 20:43 Post subject: Re: How to use Access Restrictions
[quote="Eko"] * * * How to use Access Restrictions * * *
this is for at least RC5 builds - I don't remember how it was on older builds.
1) Policy is applied when set IP (or range, or MAC) and set time are both matched.
2) All ten policies are used
- this is different then in factory Linksys firmware, when only first match is used
3) "Deny" policy
- Deny policy completely blocks internet access. (filters are of course not used). If you need to deny internet access e.g form 10PM to 6AM, make 2 policies: 1st from 22:00 - 23:59; 2nd form 0:00 to 06:00
4) "Allow" policy
- Name is wrong, it should be "Filter" (already fixed in code). This policy will not allow intenet access during selected days and hour, as it is popular belief, but will only apply set filters and port services (p2p, block by URL....) on set times. Other times will have unfiltered internet access.
Quote:
I have this same setup on time. But for some reason it is off at times not set. Example: I came home today (16:00) and had not connection. Disabled rule 1 and it connects fine. The clock is set correctly on the linksys. Any ideas
Firmware: DD-WRT v24-sp2 (02/03/09) mini
Time: 16:39:45 up 43 min, load average: 0.09, 0.05, 0.05
I, too, am seeking a way to deny access to all web sites except for a few that I specify. Furthermore, I'd like to specify different access rules for the different PCs on my home network. I have a Linksys WRT54GL v1.1 and currently using DD-WRT v23SP2. Can I do this?
I have been tinkering with OpenDNS for a couple days and it looks promising. But I can't figure out how I can have different rules for the different PCs on my network.
Hi
Not talking about bridged routers, I'd like to know if AR are working in simple "client" mode? If not, why not disabling the whole AR page when in this mode, like for Management/Upgrade & Backup when the GUI is accessed through HTTPS?
Depending on the answers, I'll post the suggestion into TRAC.
Bye
I, too, am seeking a way to deny access to all web sites except for a few that I specify. Furthermore, I'd like to specify different access rules for the different PCs on my home network. I have a Linksys WRT54GL v1.1 and currently using DD-WRT v23SP2. Can I do this?
I have been tinkering with OpenDNS for a couple days and it looks promising. But I can't figure out how I can have different rules for the different PCs on my network.
Thank you for any help!
OPenDNS can base it's rules on your IP address. If you are behind a NAT router, then you are limited to having one set of rules for all your PCs.