[SOLVED] AFWall+ iptables help


 
# 22  
Old 02-28-2014
Quote:
Originally Posted by Corona688
Actually -- it only appears in arp once you've already connected and started communicating, so that's no good
No, it's totally ok. I plan on connecting my friend's son's phone to the neighbour's first, then typing the command in the emulator to get the LAN MAC address.

Just curious... is there another way to get the LAN MAC address of a neighbour without connecting to the network?

---------- Post updated at 11:57 AM ---------- Previous update was at 11:56 AM ----------

Quote:
Originally Posted by Corona688
Another thing you could do is allow one particular MAC, and disallow all others...
That sounds interesting. My friend *might* want to do that. I'm not sure. Just so I can make the offer to him, how can I do that?
# 23  
Old 02-28-2014
Quote:
Originally Posted by 3happypenguins
Just curious... is there another way to get the LAN MAC address of a neighbour without connecting to the network?
Phone him and ask for it.

Quote:
That sounds interesting. My friend *might* want to do that. I'm not sure. Just so I can make the offer to him, how can I do that?
You can prepend most iptables rules with a '!' to reverse their meaning, so, a rule to reject all traffic that's not a certain MAC address:

Code:
$IPTABLES -A INPUT -m mac ! --mac-source 00:00:00:00:00:00 -j DROP

This will reject absolutely everything ever, though. If that one acceptable router in the universe explodes, he will be trapped off the network.
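The single negated rule above allows exactly one router MAC and, as noted, strands the phone if that router dies. The script below is an added example for AFWall+'s custom-script box, not code from the thread or from AFWall+: it generalises the idea to a small chain that permits several access-point MACs (home router plus a spare) and drops every other frame on the Wi-Fi interface. It assumes AFWall+ exports $IPTABLES as the thread's rules do, that the Wi-Fi interface is wlan0, and the MAC addresses are constructed placeholders; with DRY_RUN=1 (the default here) it only prints the rules, so it can be reviewed without root.

```shell
#!/bin/sh
# Added example, not code from the thread or from AFWall+: build an
# "allowed access points" chain for AFWall+'s custom-script box, generalising
# the single "! --mac-source" DROP rule to several permitted MACs.
# Assumptions: AFWall+ exports $IPTABLES, the phone's Wi-Fi interface is
# wlan0, and the MAC addresses passed in at the bottom are constructed
# placeholders. With DRY_RUN=1 (the default here) the rules are printed
# instead of executed.

IPTABLES="${IPTABLES:-iptables}"
DRY_RUN="${DRY_RUN:-1}"
WIFI_IF="${WIFI_IF:-wlan0}"
CHAIN="allowed_aps"

# run: print the rule in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = 1 ]; then
        echo "$IPTABLES $*"
    else
        "$IPTABLES" "$@"
    fi
}

# validate_mac: accept only colon-separated aa:bb:cc:dd:ee:ff, so a typo
# cannot silently turn into a rule that drops every frame.
validate_mac() {
    hx='[0-9A-Fa-f][0-9A-Fa-f]'
    case "$1" in
        $hx:$hx:$hx:$hx:$hx:$hx) return 0 ;;
        *) return 1 ;;
    esac
}

# build_ap_allowlist MAC...: one RETURN (allow) per permitted router MAC,
# then DROP everything else arriving on the Wi-Fi interface. Listing more
# than one MAC (home router plus a spare) avoids the "router explodes, phone
# is trapped off the network" failure of a single negated rule.
build_ap_allowlist() {
    [ $# -ge 1 ] || { echo "usage: build_ap_allowlist MAC..." >&2; return 1; }
    for mac in "$@"; do
        validate_mac "$mac" || { echo "rejecting malformed MAC: $mac" >&2; return 1; }
    done
    run -N "$CHAIN" 2>/dev/null || true   # chain may already exist on re-run
    run -F "$CHAIN"                       # start from an empty chain
    for mac in "$@"; do
        run -A "$CHAIN" -m mac --mac-source "$mac" -j RETURN
    done
    run -A "$CHAIN" -j DROP
    # Jump only for frames on the Wi-Fi interface: an unqualified INPUT rule
    # would also drop loopback and mobile-data traffic.
    run -I INPUT -i "$WIFI_IF" -j "$CHAIN"
}

build_ap_allowlist "00:11:22:33:44:55" "66:77:88:99:aa:bb"
```

Two things to keep in mind when using it: `-m mac --mac-source` sees the last-hop sender's MAC, so any other device on the home LAN that talks to the phone directly (not through the router) would need its MAC listed as well; and after loading the rules, `$IPTABLES -L allowed_aps -n` shows what actually got installed, which is worth checking before relying on it.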
# 24  
Old 02-28-2014
Quote:
Originally Posted by Corona688
You can prepend most iptables rules with a '!' to reverse their meaning, so, a rule to reject all traffic that's not a certain MAC address:

Code:
$IPTABLES -A INPUT -m mac ! --mac-source 00:00:00:00:00:00 -j DROP

THANKS!!!!

---------- Post updated at 03:58 PM ---------- Previous update was at 12:17 PM ----------

So... I have this other crazy idea. What if I want to simply block the neighbour's wireless based on time of day? Would it look like this?

Code:
$IPTABLES -A INPUT -m mac --mac-source 00:00:00:00:00:00 -m time --timestart 23:30 --timestop 07:30 --days Sun,Mon,Tue,Wed,Thu,Fri,Sat -j DROP

If it is supposed to look like that, then would I get away with it knowing to go from 11:30pm to 7:30am the next day? Or would I have to make two separate rules like this?

Code:
$IPTABLES -A INPUT -m mac --mac-source 00:00:00:00:00:00 -m time --timestart 23:30 --timestop 23:59 --days Sun,Mon,Tue,Wed,Thu,Fri,Sat -j DROP
$IPTABLES -A INPUT -m mac --mac-source 00:00:00:00:00:00 -m time --timestart 00:00 --timestop 07:30 --days Sun,Mon,Tue,Wed,Thu,Fri,Sat -j DROP

One other question... you had my wheels turning when you said I can reverse the meaning by putting the ! in the iptables rules. I have the flu/cold right now, so I can't think straight.

Is it possible to block ALL internet connection after 11:30pm, no matter where the connection? I assume so. I think I'm over complicating things in my head. I have yet to talk with my friend, but I want to give him all the options of what he wants to do. Perhaps that's what he's really looking for. No connection anywhere at night when his son would be alone on the internet (like if they're on vacation, etc).
# 25  
Old 02-28-2014
Quote:
Originally Posted by 3happypenguins
So... I have this other crazy idea. What if I want to simply block the neighbour's wireless based on time of day? Would it look like this?

Code:
$IPTABLES -A INPUT -m mac --mac-source 00:00:00:00:00:00 -m time --timestart 23:30 --timestop 07:30 --days Sun,Mon,Tue,Wed,Thu,Fri,Sat -j DROP

I haven't actually tried that before, but it looks possible. Time zones may or may not be an issue in what iptables considers the 'current time' to be. Best I can say is 'try it'.

Quote:
If it is supposed to look like that, then would I get away with it knowing to go from 11:30pm to 7:30am the next day?
I don't think you need to specify individual days, no.
# 26  
Old 02-28-2014
Okay, I had a little bit of clear in my brain fog, and I think I missed the obvious. I am assuming that if I want to block the Android from accessing any internet after 11:30pm, I would do this (everything but the MAC address):

Code:
$IPTABLES -A INPUT -m time --timestart 23:30 --timestop 07:30 --days Sun,Mon,Tue,Wed,Thu,Fri,Sat -j DROP

I'm not sure why I thought of this sooner. I was obsessing over how to block access to the neighbour's wifi when I didn't even realize I could block the Android from all internet after 11:30pm, and I think my friend might like that idea best (like I said, for if they're on vacation, travelling, his son sleeps over at someone's house etc).

I'm *actually* just starting to understand iptables now. I feel so stupid. It's like learning to read the first time, LOL!
# 27  
Old 02-28-2014
--days isn't a valid option according to my manual pages. There's --weekdays.

But I don't know why you'd bother. It hasn't assumed you don't want mon/tue/wed/thu/fri/sat/sun when you didn't give days before. It looks like a complete no-op to me.
# 28  
Old 02-28-2014
I got the code from here: Iptables Restricting Access By Time Of The Day - nixCraft

You're right about the --weekdays code though. I tried it with days, and the rule would apply-- I was getting an error.

I tried the rule by itself (no time) and it blocked me off of my router (and I assume every wireless AP). However, I can't get it to work with the time rule. The rule will apply fine, I'll reboot, but I still have access to the internet. I was going by my Android's time. I would set for a time that would give me enough time to reboot and still have access. That time would pass, and I would still have access to the internet.

---------- Post updated at 06:12 PM ---------- Previous update was at 06:02 PM ----------

Figured it out! I opened the terminal emulator, typed

Code:
date

And it gave me the date and time. It was giving me GMT. So all I had to do for the iptables rules was add 4 hours (I'm Atlantic Time in Canada).

Worked like a charm.

So my rule for the phone (if that's what my friend wants) will be

Code:
$IPTABLES -A INPUT -m time --timestart 03:30 --timestop 11:30 --weekdays Sun,Mon,Tue,Wed,Thu,Fri,Sat -j DROP

---------- Post updated at 06:16 PM ---------- Previous update was at 06:12 PM ----------

I do have one more question, though. I don't have data, nor does my friend's son, but in case there is a parent or someone reading this right now that wants to do something similar to what I did, and they are dealing with a phone that DOES have data, will iptables rules apply to data as well? I assume so... but I just want to make sure.
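The post above worked out by hand that iptables' time match compares against UTC (which is why 23:30-07:30 local became 03:30-11:30), and the earlier posts asked whether an overnight window needs two rules and whether the rule also covers mobile data. The script below is an added example, not code from the thread or from AFWall+, that does the conversion from local time for you: it takes the window in the phone's local time plus the UTC offset in minutes (Atlantic Standard Time, UTC-4, is -240; Atlantic Daylight Time is -180, so a fixed "+4 hours" drifts by an hour after the clocks change and the rules must be regenerated), splits the window into two rules when the UTC version crosses midnight, and writes the rule with `! -i lo` so it applies to every interface (Wi-Fi and mobile data alike) while leaving on-device loopback traffic alone. It assumes AFWall+ exports $IPTABLES and prints rather than executes when DRY_RUN=1 (the default here).

```shell
#!/bin/sh
# Added example, not code from the thread or from AFWall+: generate the
# "offline hours" DROP rule(s) from a window given in the phone's local time,
# doing the UTC conversion the post above did by hand. The time match in
# iptables compares against UTC unless a build that supports --kerneltz is
# used, which is why 23:30-07:30 local became 03:30-11:30.
# Assumptions: AFWall+ exports $IPTABLES; OFFSET is the local UTC offset in
# minutes (Atlantic Standard Time, UTC-4, is -240; Atlantic Daylight Time is
# -180, so the rules must be regenerated when the clocks change). With
# DRY_RUN=1 (the default here) rules are printed rather than executed.

IPTABLES="${IPTABLES:-iptables}"
DRY_RUN="${DRY_RUN:-1}"

run() { if [ "$DRY_RUN" = 1 ]; then echo "$IPTABLES $*"; else "$IPTABLES" "$@"; fi; }

# hhmm_to_min HH:MM -> minutes since midnight; rejects anything malformed.
hhmm_to_min() {
    case "$1" in
        [0-2][0-9]:[0-5][0-9]) ;;
        *) echo "bad time (want HH:MM): $1" >&2; return 1 ;;
    esac
    h=${1%:*}; m=${1#*:}
    [ "$h" -le 23 ] || { echo "bad hour: $1" >&2; return 1; }
    # strip a leading zero so 08 and 09 are not parsed as (invalid) octal
    echo $(( ${h#0} * 60 + ${m#0} ))
}

# min_to_hhmm 210 -> 03:30
min_to_hhmm() { printf '%02d:%02d' $(( $1 / 60 )) $(( $1 % 60 )); }

# local_to_utc_min MIN OFFSET: local = UTC + offset, so UTC = local - offset,
# wrapped into 0..1439.
local_to_utc_min() { echo $(( ($1 - $2 + 1440) % 1440 )); }

# emit_offline_rules START STOP OFFSET: drop inbound traffic on every
# interface except loopback between START and STOP local time. "! -i lo"
# keeps on-device services working while Wi-Fi and mobile data are both
# covered. If the UTC window crosses midnight it is split in two, so the
# result does not depend on how the kernel treats a stop earlier than start.
# No --weekdays is given: omitting it already means every day.
emit_offline_rules() {
    start=$(hhmm_to_min "$1") || return 1
    stop=$(hhmm_to_min "$2") || return 1
    ustart=$(local_to_utc_min "$start" "$3")
    ustop=$(local_to_utc_min "$stop" "$3")
    if [ "$ustart" -lt "$ustop" ]; then
        run -A INPUT ! -i lo -m time --timestart "$(min_to_hhmm "$ustart")" \
            --timestop "$(min_to_hhmm "$ustop")" -j DROP
    else
        # 23:59:59 rather than 23:59, which would leave the last minute open
        run -A INPUT ! -i lo -m time --timestart "$(min_to_hhmm "$ustart")" \
            --timestop 23:59:59 -j DROP
        run -A INPUT ! -i lo -m time --timestart 00:00 \
            --timestop "$(min_to_hhmm "$ustop")" -j DROP
    fi
}

# 23:30-07:30 Atlantic Standard Time: one rule, 03:30-11:30 UTC
emit_offline_rules 23:30 07:30 -240
# 18:00-02:00 AST lands on 22:00-06:00 UTC, which crosses midnight: two rules
emit_offline_rules 18:00 02:00 -240
```

Because the rule carries no `-i` other than the loopback exception, it matches on whichever interface the packet arrives, so a phone with mobile data is covered by the same rule. The `date` check from the post is still the right first step when a time rule seems to do nothing: confirm what clock the device is actually using before adjusting the window, and recheck after a daylight-saving change.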