You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am running openwrt_cc, and having trouble with time+date based firewall rules. Time based rules (without date) work fine, but as soon as I add the date, the time no longer works. I expect such rules to take effect at the specified times within the specified dates. The resulting iptables do not look right. See below.
0 0 zone_wan_dest_REJECT all -- any any anywhere anywhere MAC 00:16:3E:D2:96:CF TIME from 20:30:00 to 20:40:00 starting from 2018-04-10 01:00:00 until date 2018-04-11 01:00:00 UTC /* lan-00:16:3e:d2:96:cf */
Notice the date values are followed by "01:00:00" which doesn't seem right. I can't seem to control these values in any way from the uci.
The text was updated successfully, but these errors were encountered:
The values stem from the kernel timezone offset, try setting option utc_time 1 in your rule. Furthermore your used firewall version is quite old, please try to reproduce the problem on a current version.
Correction, I tracked it down to the use of mktime() instead of gmtime() - this causes the firewall to generate timestamps with the local timezone offset.
Bug appears again in (device is a netgear R6220) running
Powered by LuCI openwrt-19.07 branch (git-19.309.76540-c0e73d3) / OpenWrt 19.07.0-rc1 r10649-c4fdb377a2
All day of the week based rules are ignored. Only time based rules are taken into account.
Sample non working rule :
config rule
option proto 'tcp udp'
list weekdays 'Wed'
option src 'lan'
option name 'T Mer'
option src_ip '192.168.99.192/27'
option target 'ACCEPT'
option start_time '14:00:00'
option stop_time '16:30:00'
option dest 'lan'
Sample working rule :
config rule
option proto 'tcp udp'
option src 'lan'
option name 'T LunMar'
option src_ip '192.168.99.192/27'
option target 'ACCEPT'
option dest 'wan'
option start_time '18:15:00'
option stop_time '19:15:00'
Working rules stops working when explicitely selecting all seven days of the week.
Working/not working means the rule does not appear in the firewall rules list once changes have been saved. And thus are not applied to trafic.
duane_butler:
I am running openwrt_cc, and having trouble with time+date based firewall rules. Time based rules (without date) work fine, but as soon as I add the date, the time no longer works. I expect such rules to take effect at the specified times within the specified dates. The resulting iptables do not look right. See below.
PKG_NAME:=firewall
PKG_VERSION:=2015-07-27
PKG_SOURCE_URL:=git://nbd.name/firewall3.git
PKG_SOURCE_VERSION:=980b7859bbd1db1e5e46422fccccbce38f9809ab
firewall uci:
config rule
option name 'lan-00:16:3e:d2:96:cf'
option src 'lan'
option dest 'wan'
option proto 'any'
option target 'REJECT'
option src_mac '00:16:3e:d2:96:cf'
option start_date '2018-04-10'
option stop_date '2018-04-11'
option start_time '20:30:00'
option stop_time '20:40:00'
iptables entry:
Notice the date values are followed by "01:00:00" which doesn't seem right. I can't seem to control these values in any way from the uci.
The text was updated successfully, but these errors were encountered: