Does anyone already accomplished to limit users usage of internet (tcp 80,21 only) by the time spent.
I know it is possible to limit by amount of data retrieved (delaying pool, I guess) or by schedule (defining acl) but I didn’t find anything about duration.
Let’s say I wish to allow the usage of internet for a User or Pc for 1 hour per day.
This seems pretty hard to reach. What does 1 hour mean? The user starts to surf and now there is a time window of 1 hour? The user is surfing a webpage, is reading on for 5 min or so, reads another and comes back in 2 hours to surf for another 10 minutes? It takes just a few seconds to load a page. How to know, what user does now in front a the machine? One possibility is to cause iptables to make a log entry with -m limit module, then browse this log with a script to raise a iptables command blocking this user via "at" in 1 hour. At midnight "cron" does a rule reset. This makes a time window of one hour! The same script could count the minutes with a protecting/reload mechanism for the same minute of surfing. "Cron" then can reset these counters, too. So you can accumulate surfing minutes per user. Hope that helps The Polarizer Polarizers at its best http://www.glasspolarizers.com