I have one rule in INPUT a one rule in forward but they are no working properly.
First input rule is the client from internet should be connect to the server behind GW (MT) except defined hours.
The result is drop is not working...I think because client had established connection before 19:00 or because fastrack is active(?)1 ;;; Block PC client Heneken BA
chain=input action=drop connection-state="" connection-nat-state=dstnat
src-address=176.10.43.91 time=19h-8h,sun,mon,tue,wed,thu,fri,sat log=no
log-prefix=""
2nd issue is similar.
My son has active internet in my home gw only from 9-12 a.m. If he try make new connection after 12:00 drop is working properly. If he has connection to the server established before between 9-12:00 drop is inactive and e.g. he can continue playing game after 12:00...he is clever, he found hole in my firewall;o). Have I specify rule for established connections?
11 I ;;; Povolenie netu nb
;;; inactive time
chain=forward action=accept src-address=10.100.10.90
time=9h-12h,sun,mon,tue,wed,thu,fri,sat log=no log-prefix=""
16 chain=forward action=drop src-address=10.100.10.90
dst-address=!10.100.0.0/16 log=no log-prefix=""
Can you update my firewall rules properly?
I have ROS 6.46.6 in the both cases.