FreshTomato Wiki

User Tools

Site Tools

Trace:
restrict-edit

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
restrict-edit [2023/05/10 04:11] – [Editing Access Restriction Rules] -removed level3 subhead with same name hogwildrestrict-edit [2023/06/27 19:14] – [Editing Access Restriction Rules]-Start explaining HTTP request examples hogwild
Line 3: Line 3:
 The Access Restriction menu contains functions that allow you to block: The Access Restriction menu contains functions that allow you to block:
  
 +  * Access to the entire Internet.
   * Access to portions of the the Internet.   * Access to portions of the the Internet.
-  * Access to the entire Internet.  
   * WiFi access to the network.   * WiFi access to the network.
  
-Restrictions are done based on rules and a schedule.+ Restrictions are done based on rules and a schedule.
  
-Access Restriction only blocks traffic routed outbound to the Internet. It **cannot** restrict access between (switched) LAN clients. It also cannot block traffic when the device is used as a switch only or as a wireless bridge. In such cases, see the [[wireless_filtering|Wireless MAC filtering via script/scheduler]] and the [[device_filtering|Block devices via script/scheduler]] HOWTO pages.+Access Restriction only blocks traffic routed outbound to the Internet. It **cannot** restrict access between (switched) LAN clients. It also cannot block traffic when the device is used as a switch only or as a wireless bridge. For those scenarios, see the HOWTOs entitled: [[wireless_filtering|Wireless MAC filtering via script/scheduler]] and [[device_filtering|Block devices via script/scheduler]]. 
 + 
 + \\
  
 Rules can be customized to block: Rules can be customized to block:
Line 20: Line 22:
   * Combinations of the above   * Combinations of the above
  
-Rules can be edited in the Web interface, and through scripts. Please see: [[access_restrictions|Scripting Access Restrictions]] in the HOWTOs section.+Rules can be edited in the Web interface, and through scripts. Please see the HOWTO entitled: [[access_restrictions|Scripting Access Restrictions]].
  
  
Line 27: Line 29:
 The table in this section displays all saved rules, both active and inactive. The table in this section displays all saved rules, both active and inactive.
  
-All rules are listed here. However, adding/editing any rules will forward you to //another menu// where you can edit the rules.+All rules are listed here. However, adding/editing any rules will forward you to another menu where you can edit the rules.
  
-\\  {{:access_restriction_overview_cropped.png?697}}+\\  {{:access_restriction_overview_cropped.png?775}}
  
  
Line 39: Line 41:
  
   * To delete an existing rule, click on it on the Overview page, then in Rule Editing, click **Delete**.   * To delete an existing rule, click on it on the Overview page, then in Rule Editing, click **Delete**.
-  * To **Edit **an existing rule, click on the rule on the Overview page, make the changes and click Save.+  * To **Edit **an existing rule, click on it on the Overview page, make the changes and click Save.
   * To **Add** a new rule, click the //Add//  button on the Overview page, configure the changes and click Save.   * To **Add** a new rule, click the //Add//  button on the Overview page, configure the changes and click Save.
   * On the Rule Editing page, sequential rule numbers will display at the top left (For example: ID: 01)   * On the Rule Editing page, sequential rule numbers will display at the top left (For example: ID: 01)
   * These numbers will increment by 1 for each new rule you create.\\   * These numbers will increment by 1 for each new rule you create.\\
  
-\\  {{::access_restriction_editing_cropped.png?622x527}}+\\  {{::access_restriction_editing_cropped.png?700x593}}
  
  \\  \\
  
 +\\ **Enabled:**  Checking this enables this rule.
  
 +**Description:**  Here, you enter a name for this rule.
  
-\\ **Enabled:** Checking this enables the rule this rule.+**Schedule:**  Here, you configure the schedule settings for this rule.
  
-**Description:** Here, you enter a name for this rule. +  * All Day Checking this applies the rule for the entire day (for all days selected in the Day section).
- +
-**Schedule:** Here, you configure settings for this rule's schedule. +
- +
-  * All DayChecking this applies the rule for the entire day (for all days selected in the Day section).+
     * Enabling this makes the Time options disappear.     * Enabling this makes the Time options disappear.
-  * Every DayChecking this applies the rule every day.+  * Every Day Checking this applies the rule every day.
     * Enabling this makes the Days options disappear.     * Enabling this makes the Days options disappear.
- +  * Time Here, you set the start time and end time when this rule will be applied. 
-  * TimeHere, you set the start time and end time when this rule will be applied. +  * Days Here, you set the Days on which this rule will be applied.
-  * DaysHere, you set the Days on which this rule will be applied.+
  
  \\ **Type:**  \\ **Type:**
  
-  * **Normal Access Restriction:** Specifies this rule will include all options set below the "Disable Wireless" option. +  * Normal Access Restriction - Sets the rule to include all options set below the "Disable Wireless" option. 
-  * **Disable Wireless:** This rule will disable all WiFi interfaces on the router.+  * Disable Wireless This rule will disable all WiFi interfaces on the router.
  
 \\ **Applies To:** \\ **Applies To:**
  
-  * **All Computers/Devices:** This rule will apply to all network clients. +  * All Computers/Devices This rule will apply to all network clients. 
-  * **The Following...**  This rule will apply to only the specified network clients. +  * The Following... This rule will apply to only the specified network clients. 
     * Add clients by entering their MAC or IP address in the MAC/IP Address field, then clicking //Add//.     * Add clients by entering their MAC or IP address in the MAC/IP Address field, then clicking //Add//.
     * Clients must be added one at a time.     * Clients must be added one at a time.
-  * **All Except...**  This rule will apply to all network clients except the one specified. +  * All Except... This rule will apply to all network clients except the one specified. 
     * You can think of this as somewhat similar to a client whitelist.     * You can think of this as somewhat similar to a client whitelist.
     * Add clients by entering their MAC or IP address in the MAC/IP Address box, then clicking //Add//     * Add clients by entering their MAC or IP address in the MAC/IP Address box, then clicking //Add//
Line 82: Line 81:
 \\ **Blocked Resources:** \\ **Blocked Resources:**
  
-  * **Block All Internet Access:** Enabling this blocks all Internet access to the selected network clients.+  * Block All Internet Access Enabling this blocks all Internet access to the selected network clients.
  
 \\ **Port / Application:** \\ **Port / Application:**
Line 88: Line 87:
 More than one rule can be configured, click the //Add// button to add a rule. More than one rule can be configured, click the //Add// button to add a rule.
  
-  * **Protocol:** Choose a protocol to block. Choosing a protocol with fixed ports will grey out the port field. +  * Protocol Choose a protocol to block. Choosing a protocol with fixed ports will grey out the port field. 
-  * **Port:** Select a source port and/or destination port in the dropdown. Then, enter the port number in the next box.+  * Port Select a source port/destination port in the dropdown. Then, enter the port number in the next box.
     * This may be greyed out if you choose a fixed protocol in the Protocol field.     * This may be greyed out if you choose a fixed protocol in the Protocol field.
-  * **Application:** Select which application to block.  +  * Application Select which application to block.  
-  * **Address:** Select source and/or destination IP address, then enter the IP address in the next field.+  * Address Select source and/or destination IP address, then enter the IP address in the next field.
  
 \\ **HTTP Request:** \\ **HTTP Request:**
  
-word text+In this field, you enter the text which will have the Access Restriction in this rule applied to it. 
 + 
 +For example: 
 + 
 +An entry that contains: %%^begins-with.domain%% 
 + 
 +will block access to any domain that start with the text "begins-with"
 + 
 +An entry that contains: %%.ends-with.net$%%
  
-^begins-with.domain.+will block any domain that ends with "net" .
  
 +An entry that contains: %%^www.exact-domain.net$%%
  
 +will block any entry that begins with "www.exact-domain" and ends with ".net"\\
  
 **HTTP Requested Files: ** **HTTP Requested Files: **
Line 106: Line 115:
 This function will block download of certain file types, including the following: This function will block download of certain file types, including the following:
  
-  * ActiveX: These Windows controls usually have a .dll or .ocx file ending. +  * ActiveX - This will block Windows controls (which usually have a .ocx or .cab file ending)
-  * Flash (swf) +  * Flash (swf) - This option will block Flash .swf files. 
-  * Java (class, jar)+  * Java (class, jar) - This option will block Java (usually class or .jar) files.
  
-\\ **Delete:** Deletes the Access Restriction rule displayed on the screen.+\\ **Delete:**  Deletes the Access Restriction rule displayed on the screen.
  
-**Save:** Saves the current rule displayed on the screen.+**Save:**  Saves the current rule displayed on the screen.
  
-**Cancel:** Cancels the current rule change(s) or creation, then returns you to the Access Restriction Overview page.+**Cancel:**  Cancels the current rule change(s) or creation, and returns you to the Access Restriction Overview page.  \\   \\   \\
  
  
restrict-edit.txt · Last modified: 2023/06/27 19:15 by hogwild

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki