View from the Trenches: Virtual Curfews

Pulling together the pieces to meet real-world customer requests, and the value of learning from our mistakes.


Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Re: View from the Trenches: Virtual Curfews

Anonymous's picture

Ipchains is far too old soon even to mention. Sorry, but I just had to say this. You must be more a writer than a sysadmin :)
Having had to learn both ipchains and iptables I can only say this - forget the older and learn only the newer. It's WAY better.
Oh and btw, if you had checked the iptables howto at, you'd know that there exists a mac target for the iptables. Hence - no need to hack around the DHCP on a two-pc-lan. Of course if you insist on being so orderly..
Of course, being so orderly.. you would probably like to use a side-chain for all the traffic from the little girl's pc, in case there would be more than one rule in the future.

Re: View from the Trenches: Virtual Curfews

Anonymous's picture

I think fcron would be able to handle the potential problem of the machine being down when a command was scheduled to be run:

"Fcron also includes a useful system of options, which can be applied either to every lines following the declaration or to a single line. Some of the supported options permit to:

* run jobs one by one,
* set the max system load average value under which the job should be run,
* set a nice value for a job,
* run jobs at fcron's startup if they should have been run during system down time,
* mail user to tell him a job has not run and why,
* a better management of the mailing of outputs ... "

Re: View from the Trenches: Virtual Curfews

Anonymous's picture

For people looking for this type of functionality, I recommend Censornet.

You can limit internet time by user or workstation. It has a nice GUI for administration and reports. There is a fairly active forum of users (and support techs).

It's GPL and free for download. They do take donations (I was glad to do this) so you can say, "How much was it worth to me to get a really nice customized Debian distro that does exactly what I was looking for...".

Hope this helps.

Re: View from the Trenches: Virtual Curfews

synthetoonz's picture

I did something similar, but hadn't thought of reconfiguring the network to do it.

Our rules were more simple -- the adults in the house have to go to work, so they need an appropriate amount of sleep. Therefore, the loud and badly behaved teenager in the house had to be forcibly prevented from playing SOCOM Online (an endeavor he insists must be done every waking moment) at unrealistic times of the night (or morning.)

So, I wrote a perl script that runs on the system acting as the firewall/dsl router.
cron runs the script every five minutes.
A list of up and down times is kept in the script.
If the current time is a down time, then the script refers to the list of the adult's computers in the house.
If any of the adult's computers respond to ping, then the script ends.
If none of the adult's computers are up, then the script shuts down the system. Totally.

Why waste electricity on something that isn't being used?

I was soooooo pleased with myself the first time it worked ;-)

(Oh, yes, and all the adult's computers require a password in order to boot.)

Re: View from the Trenches: Virtual Curfews

Anonymous's picture

Excellent article. This might be something that would integrate well into a "family firewall" product and be handled by a web interface easily. I'm sure I could find some people who would adopt such a product for a small one-time price. My parents would have loved to have had this too. :-)

I enjoyed how you insightfully drew out some real world consulting experience in addition to the fun technical perspective. Great mix of the two that I appreciated.


White Paper
Linux Management with Red Hat Satellite: Measuring Business Impact and ROI

Linux has become a key foundation for supporting today's rapidly growing IT environments. Linux is being used to deploy business applications and databases, trading on its reputation as a low-cost operating environment. For many IT organizations, Linux is a mainstay for deploying Web servers and has evolved from handling basic file, print, and utility workloads to running mission-critical applications and databases, physically, virtually, and in the cloud. As Linux grows in importance in terms of value to the business, managing Linux environments to high standards of service quality — availability, security, and performance — becomes an essential requirement for business success.

Learn More

Sponsored by Red Hat

White Paper
Private PaaS for the Agile Enterprise

If you already use virtualized infrastructure, you are well on your way to leveraging the power of the cloud. Virtualization offers the promise of limitless resources, but how do you manage that scalability when your DevOps team doesn’t scale? In today’s hypercompetitive markets, fast results can make a difference between leading the pack vs. obsolescence. Organizations need more benefits from cloud computing than just raw resources. They need agility, flexibility, convenience, ROI, and control.

Stackato private Platform-as-a-Service technology from ActiveState extends your private cloud infrastructure by creating a private PaaS to provide on-demand availability, flexibility, control, and ultimately, faster time-to-market for your enterprise.

Learn More

Sponsored by ActiveState