Dear all on forum, I’m beginner in networking and need your help 
…
I’d like to prohibit for certain devices on my LAN to access WAN (i.e. computers of my kids, when they should do their homework). LAN access (NAS, printer) should work. Ideally, as a script that would on/off that from Luci - System - Custom Commands (or from SSH)
What will be your advice?
Derive from this topic ?
Something like
config rule
option name ‘Vojta block at evening’
option dst ‘wan’
# option extra ‘-m time --weekdays Mon,Tue,Wed,Thu,Sun --timestart 21:30 --timestop 06:00 --kerneltz’
option target ‘REJECT’
option src_mac ‘C4:0B:CB:AE:3E:E3’
option src ‘*’
1 Like
if it’s to restrict kids when doing homework, I suspect the time-based part might actually be useful. (Assuming their homework can’t benefit from internet.) BTW, devices usually offer a simple way of changing their MAC to arbitrary value, so as many restrictions this isn’t very strong.
For a more user-friendly way of setting this up, have a look at this thread, specifically the part about the luci-access-control package: How to set-up parental control?