[GRLUG] Time-Based Internet Blocking?

Greg Folkert greg at gregfolkert.net
Sun Feb 24 22:45:18 EST 2008 

On Sun, 2008-02-24 at 16:20 -0500, Luke McReynolds wrote:
> Hi GRLUG,
[snip story]
> My question is,
> 
> Do you guys know of an easily-configurable "Internet blocker" that I
> could install on my linux notebook? If I could block myself from the
> internet for a couple hours at a time, I think I could get a lot more
> done.
> 
> I mostly study at school using the free wi-fi, so I'm not really
> looking for a server-based option. (Blocking my MAC address or
> internal LAN IP address from accessing port 80 on the router level,
> for example.)
> 
> Do you guys have any suggestions that don't include prescriptions for
> anti-ADD medication?

0 22 * * 0-4 /sbin/route del -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.1.1 dev eth0
0 8 * * 1-5 /sbin/route add -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.1.1 dev eth0


That works for my daughter's computer to shut her down at 10PM
weeknights.

You might want to do some script writing to grab the currently active
interface and current default route and use them in something like those
crontab entries.

a quicky for detecting the default device:

`route -n | grep ^0.0.0.0 | xargs | cut -f1-3,8 -d\ `

yes there is a space after the slash. Sure you could use awk...

but on my laptop I get this:

        maxime:~# route -n | grep ^0.0.0.0 | xargs | cut -f1-3,8 -d\  
        0.0.0.0 192.168.1.1 0.0.0.0 wlan0
        
On my daughter's machine I get:

        root at maymo:~# route -n | grep ^0.0.0.0 | xargs | cut -f1-3,8 -d\ 
        0.0.0.0 192.168.1.1 0.0.0.0 eth0

Now for those not to sure about route and its output here it is fully:

        root at maymo:~# route -n
        Kernel IP routing table
        Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
        192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
        169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 eth0
        0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0

So, you can see I cut out Fields 1,2,3 and 8, being Destination,
Gateway, Mask and Device.

Do a script that put those in the right places for the shutoff and
voila ... you are good.

It'll keep you able to print and so on, provided you are on the same
subnet.

And to if it, you either reboot or force your networking to restart and
you are back in business.

You could also show self-restraint... (yeah I know, I'm not one to talk)


BTW, I let you make your own script, as it'll help you understand more
about doing things.

Personally I learned using sh and ksh... but now swear by bash or dash.
-- 
greg at gregfolkert.net
PGP key 1024D/B524687C 2003-08-05
Fingerprint: E1D3 E3D7 5850 957E FED0  2B3A ED66 6971 B524 687C
Alternate Fingerprint: 09F9 1102 9D74  E35B D841 56C5 6356 88C0
Alternate Fingerprint: 455F E104 22CA  29C4 933F 9505 2B79 2AB2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://shinobu.grlug.org/pipermail/grlug/attachments/20080224/1b6592bc/attachment-0001.pgp

More information about the grlug mailing list