I have a MikroTik router and am overall pretty happy with it. Especially the Caps-Man feature for central administration of Wifi access points is great.
One thing I am a bit fighting with is restricting my kids from accessing the internet at certain times of the day. The firewall offers quite some features, but I can't get it to cut existing connections when the rule is triggered by time (and this is also true for the dynamic rules of the kid control feature). But then perhaps I just don't understand routeros well enough.
What I have done is to set up access-lists for caps-man. When they are enabled, WiFi access is no longer possible. They kick in well at the right time, so all is good.
But: sometimes my kids get legitimate exceptions and when I then forget to re-enable the rule, they won't tell me :)
What I have done is created the following script, which is nightly triggered from the scheduler:
:local maccaps :foreach i in=[/caps-man access-list find ] do={ :set maccaps ( [/caps-man access-list get value-name=comment number=$i]) :if ($maccaps~ "^RESET .*\$") do={ /caps-man access-list enable numbers=$i } }
This looks for access list entries with a comment, where the comment starts with "RESET ". If found the script just re-enables that access list rule.
Permissions needed are read, write and policy.
Please let me know if there are better options.
No comments:
Post a Comment