This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
restrict-edit [2023/06/27 16:44] – [Access Restriction Overview] -resize screenshot: 775x202 hogwild | restrict-edit [2023/06/27 19:15] (current) – [Editing Access Restriction Rules] -formatting hogwild | ||
---|---|---|---|
Line 10: | Line 10: | ||
Access Restriction only blocks traffic routed outbound to the Internet. It **cannot** restrict access between (switched) LAN clients. It also cannot block traffic when the device is used as a switch only or as a wireless bridge. For those scenarios, see the HOWTOs entitled: [[wireless_filtering|Wireless MAC filtering via script/ | Access Restriction only blocks traffic routed outbound to the Internet. It **cannot** restrict access between (switched) LAN clients. It also cannot block traffic when the device is used as a switch only or as a wireless bridge. For those scenarios, see the HOWTOs entitled: [[wireless_filtering|Wireless MAC filtering via script/ | ||
+ | |||
+ | \\ | ||
Rules can be customized to block: | Rules can be customized to block: | ||
Line 20: | Line 22: | ||
* Combinations of the above | * Combinations of the above | ||
- | Rules can be edited in the Web interface, and through scripts. Please see: [[access_restrictions|Scripting Access Restrictions]] | + | Rules can be edited in the Web interface, and through scripts. Please see the HOWTO entitled: [[access_restrictions|Scripting Access Restrictions]]. |
Line 44: | Line 46: | ||
* These numbers will increment by 1 for each new rule you create.\\ | * These numbers will increment by 1 for each new rule you create.\\ | ||
- | \\ {{:: | + | \\ {{:: |
\\ | \\ | ||
+ | \\ **Enabled: | ||
+ | **Description: | ||
- | \\ **Enabled:** Checking this enables | + | **Schedule:** Here, you configure |
- | **Description: | + | |
- | + | ||
- | **Schedule: | + | |
- | + | ||
- | | + | |
* Enabling this makes the Time options disappear. | * Enabling this makes the Time options disappear. | ||
- | * Every Day: Checking this applies the rule every day. | + | * Every Day - Checking this applies the rule every day. |
* Enabling this makes the Days options disappear. | * Enabling this makes the Days options disappear. | ||
- | + | | |
- | | + | * Days - Here, you set the Days on which this rule will be applied. |
- | * Days: Here, you set the Days on which this rule will be applied. | + | |
\\ **Type:** | \\ **Type:** | ||
- | | + | * Normal Access Restriction |
- | | + | * Disable Wireless |
\\ **Applies To:** | \\ **Applies To:** | ||
- | | + | * All Computers/ |
- | | + | * The Following... |
* Add clients by entering their MAC or IP address in the MAC/IP Address field, then clicking //Add//. | * Add clients by entering their MAC or IP address in the MAC/IP Address field, then clicking //Add//. | ||
* Clients must be added one at a time. | * Clients must be added one at a time. | ||
- | | + | * All Except... |
* You can think of this as somewhat similar to a client whitelist. | * You can think of this as somewhat similar to a client whitelist. | ||
* Add clients by entering their MAC or IP address in the MAC/IP Address box, then clicking // | * Add clients by entering their MAC or IP address in the MAC/IP Address box, then clicking // | ||
Line 82: | Line 81: | ||
\\ **Blocked Resources: | \\ **Blocked Resources: | ||
- | | + | * Block All Internet Access |
\\ **Port / Application: | \\ **Port / Application: | ||
Line 88: | Line 87: | ||
More than one rule can be configured, click the //Add// button to add a rule. | More than one rule can be configured, click the //Add// button to add a rule. | ||
- | | + | * Protocol |
- | | + | * Port - Select a source port/ |
* This may be greyed out if you choose a fixed protocol in the Protocol field. | * This may be greyed out if you choose a fixed protocol in the Protocol field. | ||
- | | + | * Application |
- | | + | * Address |
\\ **HTTP Request:** | \\ **HTTP Request:** | ||
- | word text | + | In this field, you enter the text which will have the Access Restriction in this rule applied to it. |
- | ^begins-with.domain. | + | \\ |
+ | |||
+ | For example: | ||
+ | |||
+ | An entry that contains: "%%^begins-with.domain"%% | ||
+ | |||
+ | will block access to any domain that start with the text " | ||
+ | |||
+ | \\ | ||
+ | |||
+ | An entry that contains: " | ||
+ | |||
+ | will block any domain that ends with " | ||
+ | |||
+ | \\ | ||
+ | An entry that contains: " | ||
+ | will block any entry that begins with " | ||
**HTTP Requested Files: ** | **HTTP Requested Files: ** | ||
Line 106: | Line 121: | ||
This function will block download of certain file types, including the following: | This function will block download of certain file types, including the following: | ||
- | * ActiveX: These Windows controls usually have a .dll or .ocx file ending. | + | * ActiveX |
- | * Flash (swf) | + | * Flash (swf) - This option will block Flash .swf files. |
- | * Java (class, jar) | + | * Java (class, jar) - This option will block Java (usually class or .jar) files. |
- | \\ **Delete:** Deletes the Access Restriction rule displayed on the screen. | + | \\ **Delete: |
- | **Save:** Saves the current rule displayed on the screen. | + | **Save: |
- | **Cancel:** Cancels the current rule change(s) or creation, | + | **Cancel: |