{"id":2153,"date":"2013-07-07T11:29:46","date_gmt":"2013-07-07T03:29:46","guid":{"rendered":"http:\/\/rmohan.com\/?p=2153"},"modified":"2013-07-07T11:29:46","modified_gmt":"2013-07-07T03:29:46","slug":"time-bases-iptables-rules","status":"publish","type":"post","link":"https:\/\/mohan.sg\/?p=2153","title":{"rendered":"Time bases iptables rules"},"content":{"rendered":"<p>f you want to restrict\/allow access to certain service on timely basis using iptables.<\/p>\n<p><strong>Use <\/strong>: iptables\u00a0<a href=\"http:\/\/hiderefer.com\/?http:\/\/www.netfilter.org\/documentation\/HOWTO\/netfilter-extensions-HOWTO-2.html#ss2.1\"><strong>patch-o-matic<\/strong><\/a>\u00a0extension (pom or p-o-m)<\/p>\n<p>That allows us to match a packet based on its arrival or departure \u00a0timestamp.<\/p>\n<p><strong>Syntax :<\/strong> iptables RULE -m time \u2013timestart TIME \u2013timestop TIME \u2013days DAYS -j ACTION<\/p>\n<p>\u2013timestart TIME: Time start value (format is 00:00-23:59)<\/p>\n<p>\u2013timestop TIME: Time stop value (the same format)<\/p>\n<p>\u2013days DAYS: a list of days to apply, from (format: Mon, Tue, Wed, Thu, Fri, Sat, Sun).<\/p>\n<p><strong>Example<\/strong> :\u00a0\u00a0We want to\u00a0\u00a0restrict access to SSH between 10:00 pm \u2013 8:00am on weekdays.<\/p>\n<p>#iptables -A INPUT -p tcp -d 192.168.10.1 \u2013dport 22 -m time \u2013timestart 22:00 \u2013timestop 8:00 -days Mon,Tue,Wed,Thu,Fri -j DROP<\/p>\n","protected":false},"excerpt":{"rendered":"<p>f you want to restrict\/allow access to certain service on timely basis using iptables.<\/p>\n<p>Use : iptables patch-o-matic extension (pom or p-o-m)<\/p>\n<p>That allows us to match a packet based on its arrival or departure timestamp.<\/p>\n<p>Syntax : iptables RULE -m time \u2013timestart TIME \u2013timestop TIME \u2013days DAYS -j ACTION<\/p>\n<p>\u2013timestart TIME: Time start value [&#8230;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/2153"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2153"}],"version-history":[{"count":1,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/2153\/revisions"}],"predecessor-version":[{"id":2154,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/2153\/revisions\/2154"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2153"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2153"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2153"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}