Firewall Starttime & Stoptime not working in 1.4-rc3?

Could you please add such detailes to netfilter bug?
https://bugzilla.netfilter.org/show_bug.cgi?id=1737

Funny you should ask, because I tried creating an account which is only available via email. Still waiting. I also included what I posted here in that email.

Cheers

1 Like

Hi,

In case you’re using time based firewall rules. I am currently working around this issue by using scripts and schedules. Not pretty but works for now. Can also modify script to make it more generic to accept the rule number.

Create script file:
/config/scripts/enablefw.sh

#!/bin/vbash

VALUE=$1

source /opt/vyatta/etc/functions/script-template

if [ "$VALUE" = "enable" ]; then

  configure

  delete firewall ipv4 name LAN-WAN rule 260 disable
  delete firewall ipv4 name LAN-WAN rule 270 disable
  delete firewall ipv4 name LAN-WAN rule 271 disable
  commit
  exit

elif [ "$VALUE" = "disable" ]; then

  configure

  set firewall ipv4 name LAN-WAN rule 260 disable
  set firewall ipv4 name LAN-WAN rule 270 disable
  set firewall ipv4 name LAN-WAN rule 271 disable

  commit
  exit

fi

Then I created some schedules to interact with the script

set system task-scheduler task disable_timed_rule crontab-spec '30 22 * * SUN'
set system task-scheduler task disable_timed_rule executable arguments 'disable'
set system task-scheduler task disable_timed_rule executable path '/config/scripts/enablefw.sh'
set system task-scheduler task enable_timed_rule crontab-spec '30 16 * * FRI'
set system task-scheduler task enable_timed_rule executable arguments 'enable'
set system task-scheduler task enable_timed_rule executable path '/config/scripts/enablefw.sh'
1 Like