access_restrictions

Differences

This shows you the differences between two versions of the page.

access_restrictions [2021/08/24 23:54] hogwild
access_restrictions [2023/10/26 17:20] (current) – [Scripting Access Restrictions] -format hogwild
Line 1: Line 1:
-====== Access Restrictions ======+====== Scripting Access Restrictions ======
  
-Access Restriction rules are coded as strings separated by pipe ( | ) symbols. These are stored in NVRAM as variables named //rrule0//, //rrule1//, //rrule2// etcetera. To see what's in the first rule, we can issue the following command at the FreshTomato shell prompt:+Access Restriction rules are coded as strings separated by pipe ( | ) symbols. These are stored in NVRAM as variables named //rrule0//, //rrule1//, //rrule2// and so on. 
 + 
 + \\ 
 + 
 +To see what's in the first rule, we can issue the following command at FreshTomato shell prompt: 
 + 
 + \\
  
 <code -> <code ->
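Review bot: The added sentence "To see what's in the first rule, we can issue the following command at FreshTomato shell prompt:" lost its article; the old text read "at the FreshTomato shell prompt". The heading rename from "Access Restrictions" to "Scripting Access Restrictions" also changes the section anchor DokuWiki generates from the heading, so any links that point at the old anchor should be checked.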
Line 10: Line 16:
  
 The returned string might look something like this: The returned string might look something like this:
 +
 + \\
  
 <code -> <code ->
Line 17: Line 25:
 \\ \\
  
-Let'take a closer look at what each of these nine fields separated by a pipe ( | ) means:+Let's look more closely at what each of these fields separated by a pipe ( | ) symbol means.
  
 **Field 1:** indicates whether the rule is currently enabled (1) or disabled (0). **Field 1:** indicates whether the rule is currently enabled (1) or disabled (0).
  
-**Field 2:** specifies the start time, or time to start applying this rule, in minutes elapsed since midnight. In this case, start time is 5:40 AM, so the router should enforce this rule starting at 9:00 AM.+**Field 2:** specifies the start time, (time to start applying this rule), in minutes elapsed since midnight.
  
-**Field 3:**  is the end timeor the time to stop applying this rule. This is coded the same way as the start time. Both the second and third fields will be -1 if you select the //‘All Day’// option in the Access Restrictions menu.+In this case, start time is 5:40 AMso the router should enforce this rule starting at 9:00 AM.
  
-**Field 4:** specifies the days of week on which the rule will be appliedIt is coded in binary: 1 for Sunday, 2 for Monday, 4 for Tuesday, and so on.+**Field 3:**  is the end time, (time to stop applying this rule)This is coded similarly to the start time.
  
-For multiple days, add the corresponding numbers for each day. In the above example the fourth field is 62 which is equal to 2+4+8+16+32 . This means the rule should be active on Mon, Tue, Wed, Thu, and Fri. In other words, only on week days. If you had checked the option //Everyday// this value would be 127.+Both the second and third fields will be -1 if you select the //‘All Day’// option in the Access Restrictions menu. 
 + 
 +**Field 4:** specifies on which days the rule will be applied. 
 + 
 +It is coded in binary: 
 + 
 +  * 1 = Sunday 
 +  * 2 = Monday 
 +  * 4 = Tuesday 
 +  * 8 = Wednesday 
 +  * 16 = Thursday 
 +  * 32 = Friday 
 +  * 64 = Saturday 
 + 
 + \\ 
 + 
 +For multiple days, simply add together the corresponding numbers for each day. 
 + 
 +In the above examplethe fourth field is 62which is equal to 2 + 4 + 8 + 16 + 32 . This means the rule should be active on Mon, Tue, Wed, Thu, and Fri. That is, only on weekdays. If you had checked the //Everyday// option, the value would have been 127.
  
 **Field 5:** shows the IP or MAC Address range on your network for which the rule should be applied. **Field 5:** shows the IP or MAC Address range on your network for which the rule should be applied.
  
-**Field 6:** This has the //Port/Application// information coded in it. In other words, which ports numbersprotocolsLayer 7 and p2p applications should be blocked by this rule.+**Field 6:** has the //Port/Application// information coded in it. In other words, which port numbers and protocols. This rule should block Layer 7 and p2p applications.
  
-**Field 7:**  This field contains the Domains/URLs you want to block. It partially supports regular expressions. In the above example, domain names ending in //block-site.com// are blocked.+**Field 7:**  contains the Domains/URLs to block. It partially supports regular expressions.
  
-**Field 8:**  This field stores as a binary coded value if ActiveXFlash or Java are to be blocked  – 1 for ActiveX, 2 for Flash and 4 for Java.+In the example abovedomain names ending with "block-site.com" are blocked.
  
-**Field 9:**  This field stores the name that you gave to the above rule.+**Field 8:**  stores a binary coded value if ActiveX, Flash or Java are set to be blocked. 
 + 
 +  * A "1" will block ActiveX.  
 +  * A "2" will block Flash. 
 +  * A "4" will block Java.
  
  \\  \\
-Now that we have a basic understanding about how Access Restriction rules work, we can write shell scripts to control the rules. Below is the script which will enable or disable a rule. Two values are passed on the command line – the rule number and either a "0" or "1" to disable or enable the service, respectively. If you have **jffs** enabled in the FreshTomato menus, you can copy the script under jffs directory and schedule it to run as a cron job, if you wish.+ 
 +**Field 9:**  stores the name that you gave to the rule being edited. 
 + 
 + \\ Now that we have a basic sense of how Access Restriction rules work, we can write shell scripts to control the rules. The script below will enable or disable a rule. Two values are passed on the command line – the rule number and either a "0" or "1" to disable or enable the service.
  
 \\ \\
 +
 <code -> <code ->
 #!/bin/sh #!/bin/sh
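Review bot: The Field 6 rewrite changes the meaning. The old line listed port numbers, protocols, Layer 7 and p2p applications as what the field encodes for blocking; the new text stops at the fragment "In other words, which port numbers and protocols." and then asserts "This rule should block Layer 7 and p2p applications." as if it were a fact about this particular rule. Suggest one sentence again, for example "In other words, which port numbers, protocols, Layer 7 and p2p applications this rule should block." The Field 2 example, now moved to its own paragraph, still contradicts itself: "start time is 5:40 AM" and "starting at 9:00 AM" cannot both hold. In minutes since midnight, 9:00 AM is 540 and 5:40 AM is 340, so check the value in the example string and keep only the matching time. Minor: the intro dropped "nine" although nine fields are still described, and the `\\` break now sits between the Field 8 list and Field 9, separating the last field from the rest.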
Line 81: Line 115:
 done done
 </code> </code>
 +
 +\\
 +
 +If you have JFFS enabled in FreshTomato, you can copy the script under the jffs directory and schedule it to run as a cron job, if you wish.
 +
 + \\
 +
 + \\
 +
  
 ===== Credits ===== ===== Credits =====
  
-[[http://web.archive.org/web/20160321090715/http://infinilogix.com/wordpress/network-programming/routers/how-to-control-access-restriction-rules-in-tomato-by-a-shell-script|Credit to Justin from "infinilogix.com" - original page which is only accessible via archive.org now]]+[[http://web.archive.org/web/20160321090715/http://infinilogix.com/wordpress/network-programming/routers/how-to-control-access-restriction-rules-in-tomato-by-a-shell-script|CreditJustin from "infinilogix.com" - original page which is now only accessible via archive.org]]
  
  
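Review bot: The added block after the closing code tag stacks three forced `\\` line breaks around a single sentence, two of them back to back directly above the Credits heading; one break, or none, should be enough since the heading already starts a new section. In the moved sentence, "JFFS" and "the jffs directory" use different casing for the same thing, so pick one form. The credit link still uses an "http://web.archive.org/..." URL; since the line is being touched anyway, consider switching it to https.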
access_restrictions.1629845674.txt.gz · Last modified: 2021/08/24 23:54 by hogwild