Need help restricting internet access on machines.

swatbat

swatbat

[H]F Junkie
Joined
Apr 25, 2001
Messages
13,052
My brother is screwing up pretty bad in school right now. I need to be able to restrict his internet access so he can't stay up all night on the net. Do you all know of any router out there that I can disable access after say 10 pm at night to certain pcs via unit name, mac etc? Will something like smoothwall or IPcop have a setting for this? It needs to be at the router level as he has a school notebook that they have locked out. He needs to be able to access the internet for school and I really don't want to sit here and pull the access point's connection every night to make sure he doesn't stay up all night on the net. At very least I need a router that will log eveytime his computer gets access. Anyone have any good ideas on this?

Thanks
Cosby
 
Any of the Linux distros running Squid for the proxy can do what you need, I know there are a couple of SOHO routers that do it as well but I'd have to double check which ones. I think that the Linksys do depending on the firmware.
 
Malk-a-mite said:
Any of the Linux distros running Squid for the proxy can do what you need, I know there are a couple of SOHO routers that do it as well but I'd have to double check which ones. I think that the Linksys do depending on the firmware.
Click to expand...
comcasts custom firmware on there routers have restriction by time, my netgear had it and my linksys has it
 
If you have an old P2 or P3 box sitting around, throw a pair of NICs in it, and install IPCop or smoothwall or similar. That'll be the most customizable option, which will allow you the most control, and allow addons for things such as content filtering, port scan blocking, etc. I personally use IPCop for my firewall.
Lots of recources for it as well:
www.ipcops.com - has forums, and other recources
http://mh-lantech.css-hamburg.de/ipcop/news.php - german site, has a lot of useful addons available for download
http://firewalladdons.sourceforge.net - more addons
 
morpheus6d9 said:
i know if u have a linksys router u can block pc's by time
Click to expand...
Except that the OP stated that his brother needs to be able to use the net for school, so blocking it entirely isnt an option. IPCop or a similar linux distro can allow content filtering, which is what the OP needs.
 
Will the standard linksys g router block by time? I need to pretty much block 2 mac address and let all of the others on. If the basic linksys router will do it I will just buy it. I was thinking about like a WRAP.1E-2 and m0n0wall but I was going to load m0n0wall on a celeron 633 first to try it out first. m0m0wall does not support mac filtering yet though. How I have it set up now I can't just use a pc to do it as the router is in my front room by the tv and I don't want a pc there that will make noise(A mini-itx running ipcop or m0n0wall is an idea as well)

What I was thinking is use something like a wrap with a wirless nic in it for my brothers machines to connect to and use and access point connected to a switch for everyone elce. I'm thinking that there should be some way for me to disable the wireless connection at certain times(say 10pm untill 7am). Am I putting too much thought into this or is there an easy way?
 
In the same sence if one of the linux distros like ipcop will do what I'm asking what do you all recomend I run it on? I was thinking like an EPIA CL6000 as it has dual nics and is fanless. I would then just need to add a wireless card into the mix. I should mention that his desktop and notebook are connected via wireless as I was too lazy to run a cable into his room when he moved in.

I talked with linksys on there webchat thing and they said the wrt54g will let me set up access restrictions to do this. I'm going to pick one up to try it. I am still interested in doing this with a single board machine/fanless mini-itx insted if anyone has a good idea on what I can do it with.
 
Really, for IPCop, any old system would do. Mine was running on a Pentium II 450mhz box with 64mb of ram for a while. Since then its migrated to a P3 700 @ 850mhz with 492mb ram (way more than is needed - ram usage never breaks 128mb) on which the system cpu usage never breaks 15%, rest is used by folding. If you have a box like that, or can get one cheap, just get two PCI NICs for it, and you can install the basic setup.
 
I know any old system will do but if I'm going to do it then I want it real quite. With a single board pc with pc card there would be no sound. Same with a mini-itx with compact flash although if I did that I would enable ftp access and install apache and use a laptop hd. Still very little noise. Hell the 633 celeron that is sitting in the corner(the only old pc I have left) would smoke one of those fanless mini-itx boards.......
 
swatbat said:
I know any old system will do but if I'm going to do it then I want it real quite. With a single board pc with pc card there would be no sound. Same with a mini-itx with compact flash although if I did that I would enable ftp access and install apache and use a laptop hd. Still very little noise. Hell the 633 celeron that is sitting in the corner(the only old pc I have left) would smoke one of those fanless mini-itx boards.......
Click to expand...

Or if you wanna do something totally small, check out what the recommended hardware is for a monowall.
 
Asgorath said:
Or if you wanna do something totally small, check out what the recommended hardware is for a monowall.
Click to expand...

That is why I was looking at WRAP.1E-2. It is one of the boards that m0n0wall was designed to run on. I still may load it on an old machine to try it but m9n0wall doesn't really see to have mac filtering in a normal sence. This is pretty much needed for wireless. So I would have to use wep without it or do something elce. I'm going to try one of the linkys routers as I talked to them and they said they would do it. I may still end up getting a wrap or something or maybe a mini-itx as the mini-itx will given me more options to use the linux based ones without going through some hell at getting them setup for a wrap board.
 
swatbat said:
That is why I was looking at WRAP.1E-2. It is one of the boards that m0n0wall was designed to run on. I still may load it on an old machine to try it but m9n0wall doesn't really see to have mac filtering in a normal sence. This is pretty much needed for wireless. So I would have to use wep without it or do something elce. I'm going to try one of the linkys routers as I talked to them and they said they would do it. I may still end up getting a wrap or something or maybe a mini-itx as the mini-itx will given me more options to use the linux based ones without going through some hell at getting them setup for a wrap board.
Click to expand...

Why is mac filtering such a requirement. MAC spoofing is so easy. If its security you want there are other better ways.
 
I don't run that much stuff over wirless but mac filtering at least slows down the process of someone getting on my network. Not like it matters but so much though. Like 3 of my neighbors have open networks for people to jump onto.
 
swatbat said:
I don't run that much stuff over wirless but mac filtering at least slows down the process of someone getting on my network. Not like it matters but so much though. Like 3 of my neighbors have open networks for people to jump onto.
Click to expand...

There's a good quote for that, but basically it says that you shouldn't put up security that is actually a joke just to make yourself feel better. Put up real security and let people try, but know that they will fail.

Just run some form of WPA and call it a day. And/Or run monowall's captive portal.
 
You must log in or register to reply here.
Back
Top