config/yadm: improve internet filter
This commit is contained in:
parent
3459d28333
commit
9be43b4b2e
|
@ -52,7 +52,10 @@ highlight "Block internet at night & on weekdays in the morning to force focus"
|
||||||
# https://askubuntu.com/a/124512 and https://blog.sleeplessbeastie.eu/2018/06/21/how-to-create-iptables-firewall-using-custom-chains/
|
# https://askubuntu.com/a/124512 and https://blog.sleeplessbeastie.eu/2018/06/21/how-to-create-iptables-firewall-using-custom-chains/
|
||||||
sudo iptables --new-chain chain-times 2>/dev/null || sudo iptables --flush chain-times
|
sudo iptables --new-chain chain-times 2>/dev/null || sudo iptables --flush chain-times
|
||||||
time9=$(date -u -d "$(date -d 09:00)" +%k)
|
time9=$(date -u -d "$(date -d 09:00)" +%k)
|
||||||
sudo iptables -A chain-times -m owner --uid-owner janek -j DROP -m time --timestart $(date -u -d "$(date -d 0)" +%k):00 --timestop $time9:00
|
# Always allow local connections - https://serverfault.com/a/550278
|
||||||
|
sudo iptables -A chain-times -m owner --uid-owner janek -d 192.168.1.0/24 -j ACCEPT
|
||||||
|
sudo iptables -A chain-times -m owner --uid-owner janek -d 127.0.0.0/8 -j ACCEPT
|
||||||
|
sudo iptables -A chain-times -m owner --uid-owner janek -j DROP -m time --timestart $(date -u -d "$(date -d 22)" +%k):00 --timestop $time9:00
|
||||||
sudo iptables -A chain-times -m owner --uid-owner janek -j DROP -m time --weekdays 1-5 --timestart $time9:20 --timestop $(expr $time9 + 1):00
|
sudo iptables -A chain-times -m owner --uid-owner janek -j DROP -m time --weekdays 1-5 --timestart $time9:20 --timestop $(expr $time9 + 1):00
|
||||||
sudo iptables -A chain-times -m owner --uid-owner janek -j DROP -m time --weekdays 1-5 --timestart $(expr $time9 + 1):20 --timestop $(expr $time9 + 2):00
|
sudo iptables -A chain-times -m owner --uid-owner janek -j DROP -m time --weekdays 1-5 --timestart $(expr $time9 + 1):20 --timestop $(expr $time9 + 2):00
|
||||||
sudo iptables -L OUTPUT | grep -q "^chain-times" || sudo iptables -A OUTPUT -j chain-times
|
sudo iptables -L OUTPUT | grep -q "^chain-times" || sudo iptables -A OUTPUT -j chain-times
|
||||||
|
|
Loading…
Reference in New Issue