Posted: Mon Sep 17, 2012 17:39 Post subject: Parental Control Limits- iptable cron job.
I’m new to the DDWRT group and just installed DD-WRT V24-sp2 (08/12/10) Mega (SVN Revision 14929) on a Linksys WRT-600N for more options on parental controls, among others. I moved from a Netgear Prosafe F336G VPN Router. I’ve spent about 15 hours researching parental controls and have found that DDWRT will do pretty much what I want it to do. Yes, for those interested, I’ve looked at all the software installed filters out there, but you can also youtube on how to get around them as well, and my kids have. What I am looking to accomplish is blocking access specific times of the day and week for all ports other than web to still allow for research for homework, etc., but taking away the ability to play games.
What drove me to DDWRT was the ability to utilize iptables and cron. Below is what I am thinking of putting in place, and am looking for feedback; good or bad. If there is a better way of accomplishing this or if you have other suggestions, I would love to hear them.
Also from my reading, I am understanding that crontabs are deleted when the device is rebooted, so I would have to insert the commands and create my files each time the device is restarted. I’ve also read about using busybox’s crond which would store everything elsewhere that isn’t overwritten on a reboot. Anyone have experience with this approach? I’ve also read about the DDWRT release of cron not waking, but have not been able to find out of this is just user error/inexperience or legit as there is no mention in the wiki about a known issue that I found.
Ok.. I modified it quite a bit after reading man pages and some other periodicals... Tested and seems to be working very well. My previous one had some issues.
Anyone that wants to install a parental control iptable filter, this is for you. This filter will restrict all access except for WWW & FTP (take off port 21 if you want) to a specific IP while allowing unrestricted access to the other devices on your network. I wanted to create a filter that would prevent my kids from playing any games like WoW or StarCract 2 etc online, but still giving access to the web should they need it for research.
My cron entry is below which invokes the scripts at different times. Currently my cron turns the filters on as follows:
Sunday – Thursday
Filter on between 7-9pm and back on permanently at 10:15pm until 7am the next morning.
Friday – Saturday
Filter comes off at 8:15am and comes on at 1:15am
I stored both files in /root. I kept it simple and gave it “chmod 777 filename” which gave it the necessary permissions to be ran. /root is actually on the /tmp partition, so it will be lost each time the unit reboots or loses power. Move this into the jiffs if you want to have it stored permanently.