Firewall "state" confusion

So, I am trying to move “state established, related” from general settings to rules.
Why? I want to KILL immediately ALL connections from the kids' computers to the Internet at 22.00.
If I just activate “drop/reject” on outgoing connections, already established connections stay up.
Unfortunately, putting “established” “related” into rules is very briefly documented.
So, what does the statement

    state {
        established enable
        related enable
    }

do exactly?
Will it set the rule to match IF the connection is enabled, i.e. immediately drop the connection?
OR
does it enable related connections IF the rule matches?
Which one takes precedence?
Thus far I tried both “enabled” and “disabled” but did not get the desired effect: “immediately drop all established connections”.
vyos@gw:~$ show version

Version: VyOS 1.4-rolling-202102100753
Release Train: sagitta

Built by: autobuild@vyos.net
Built on: Wed 10 Feb 2021 07:54 UTC
Build UUID: b99c3240-c9a7-4f01-ac6c-c1d2e4748c2b
Build Commit ID: aec60effa4e36e

Architecture: x86_64
Boot via: installed image
System type: bare metal

Hardware vendor: Dell Inc.
Hardware model: Inspiron N5110
Hardware S/N: CKQ9HP1
Hardware UUID: 4c4c4544-004b-5110-8039-c3c04f485031

Hi,

You can use the “time” parameter in the matching criteria and drop the desired traffic.

vyos@vyos# set firewall name x rule x time
Possible completions:
   monthdays    Monthdays to match rule on
   startdate    Date to start matching rule
   starttime    Time of day to start matching rule
   stopdate     Date to stop matching rule
   stoptime     Time of day to stop matching rule
   utc          Interpret times for startdate, stopdate, starttime and stoptime to be UTC
   weekdays     Weekdays to match rule on

Please refer to the following document for detailed firewall-related commands.

https://docs.vyos.io/en/latest/configuration/firewall/index.html#matching-criteria


This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.
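
An added example, not written by either poster or taken from the VyOS documentation: the `time` match from the reply placed ahead of a per-rule `state` match, so that packets of already-established connections are dropped during the blocked window instead of being accepted first. Inside a rule, `state established enable` is a match criterion, meaning the rule applies only to packets that belong to an established connection. The ruleset name `KIDS-OUT`, the rule numbers, the 192.168.10.0/24 source, interface `eth1`, the 06:00 stop time and the `HH:MM:SS` time format are assumptions.

```vyos
# Constructed example for the release train shown in the thread; all names,
# addresses and times below are placeholders chosen for illustration.

# Assumption: a global state policy such as
#   set firewall state-policy established action accept
# is evaluated before named rulesets, so established packets would be
# accepted before rule 10 is consulted. Remove it if it is configured.
delete firewall state-policy established
delete firewall state-policy related

# Rules are checked in numeric order and the first match wins.
set firewall name KIDS-OUT default-action drop

# Rule 10: during the blocked window, drop everything from the kids' subnet.
# No state match here, so new AND established packets are dropped.
set firewall name KIDS-OUT rule 10 action drop
set firewall name KIDS-OUT rule 10 source address 192.168.10.0/24
set firewall name KIDS-OUT rule 10 time starttime 22:00:00
set firewall name KIDS-OUT rule 10 time stoptime 06:00:00

# Rule 20: outside the window, accept packets of established/related flows.
set firewall name KIDS-OUT rule 20 action accept
set firewall name KIDS-OUT rule 20 state established enable
set firewall name KIDS-OUT rule 20 state related enable

# Rule 30: outside the window, allow new connections from the kids' subnet.
set firewall name KIDS-OUT rule 30 action accept
set firewall name KIDS-OUT rule 30 source address 192.168.10.0/24
set firewall name KIDS-OUT rule 30 state new enable

# Attach to traffic entering the router from the kids' LAN (assumed eth1).
set interfaces ethernet eth1 firewall in name KIDS-OUT

commit
```

If rule 20 were numbered below rule 10, established flows would match the accept rule first and stay up past 22:00, which is the behaviour described in the question.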