IPFW a modulovani toku v case

Kojott fbsdconf at kousek.cz
Mon Jan 12 18:42:08 CET 2004


Nize ukazka, jak se to jednoduse omezi... ;) nijak moc jsem to
nezkousel, jen priklad, jak to udelat...
Staci to spoustet kazdou hodku z cronu... ;)

Jirka

hourshaper.pl
#!/usr/bin/perl -w

use POSIX;

open(DATA, "/etc/hourshaper.conf")
        or die "Nelze otevrit hourshaper.conf";

$hodina=strftime("%H",localtime(time));
print "$hodina\n";
print `ipfw delete 1000`;
while($radek=<DATA>) {
        chomp($radek);
        if($radek =~ /^#/ or $radek =~ "") {}
        else {
                ($ip,$od,$do) = split(" ",$radek);
                if($hodina>=$od && $hodina<=$do) {}
                else {
                        print `ipfw add 1000 deny tcp from $ip to not
10.0.0.0/8`;
                        print `ipfw add 1000 deny tcp from not
10.0.0.0/8 to $ip`;
                }
        }
}

close(DATA);
exit;

-----------------------------------

hourshaper.conf
# ---------------------------------------
# IP OD DO
#
# neboli tomuhle uzivateli to bude fungovat od deviti do sesti vecer...
10.1.1.199 09 18
10.1.1.198 01 19





More information about the Users-l mailing list