MstrD Posted August 26, 2013 Share Posted August 26, 2013 School starts here in another week, and my kids (my son in particular) needs to curb his online time (xbox, youtube, minecraft, etc.). He has a lot of ways to spend his time, other than school work. He's starting middle school, and this year, we think he really needs to buckle down. He is a good kid, but gets a little too distracted with all his electronics. I've been trying to come up with a way that I can limit his "Screen time". There are restrictions within the router by PC to within certain times. What I'm really looking for is a way to limit the time, much like when you go to a hotel. You "buy" x hours worth. That might solve the PC, but it doesn't solve the Xbox, or his 3DS, or his ipod. Ideally what I wanted was some way to use Network Resources to turn on/off certain access. After some research, I couldn't come up with an easy method. I think I've come up with a solution, although I haven't yet written the programs. I currently have a main router in my house (connected to the cable modem). The router is running DD-WRT firmware. It's at one end of the house in the basement. Coverage at the other end is a little limited. To solve that, I have another router at the other end of the house, and it wireless connects to the main router. PCs or phones flip between the routers as is needed and that's fine. To solve my kid problem, I'm thinking about adding another router (or repositioning the ones we have). The second router, will be the restricted router. It will have a password that my son knows. The other, he will not. His "toys" will all be connected to the restricted router. That Router will be connected to an ApplianceLinc. I will then be able to turn on his access or turn it off. When it's powered on it will turn on the router, connect to the network, etc. I can then use the ISY to connect and have a schedule for him. I will also be able to setup a button on a 6 button keypad that he can press to turn on his access. It will have a countdown timer, and when the days total usage is exhausted, it will turn the router off. That will give him some flexibility, but he won't be able to exceed x hours a day, but it will start when he chooses. Depending on sports schedules, etc., it could be later or earlier in the day. When I get a couple timer programs worked out, I'll post them here. Hopefully, this will give him some quality school work time. (assuming I can put all the electronics someplace where he can't easily access them and bypass it). Link to comment
Xathros Posted August 26, 2013 Share Posted August 26, 2013 I am using the Access control list in my DD-WRT router (Under the Access Restrictions tab). I have built a list of MAC addresses that should not have access when the rule is enabled. Those are the xboxes, ipods, AppleTV etc. Then I enable/disable that rule with a network resources call. It seems to take a minute or two to take effect but it works like a charm. I have a toggle program in my Mobilinc favorites that allows me to flip that switch anytime I need to right from my iPhone but usually it just runs on a schedule in the ISY. -Xathros Link to comment
MstrD Posted August 27, 2013 Author Share Posted August 27, 2013 Can you share the network resource command? I couldn't figure out how to do it. That would simplify what I'm trying to do, and my son wouldn't be able to bypass it. Link to comment
Xathros Posted August 27, 2013 Share Posted August 27, 2013 POST /apply.cgi HTTP/1.1 Host: xxx.xxx.xxx.xxx:80 User-Agent: Mozilla/4.0 Connection: Close Content-Type: application/x-www-form-urlencoded Accept-Encoding: gzip,deflate DNT: 1 Referer: http://xxx.xxx.xxx.xxx/Filters.asp Authorization: Basic == Content-Length: 219 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 submit_button=Filters&action=ApplyTake&change_action=&submit_type=&blocked_service=&filter_web=&filter_policy=&filter_p2p=0&f_status=1&f_id=1&f_status1=enable&f_name=Deny+List&f_status2=deny&day_all=1&time_all=1&allday= I captured the above details by watching Firefox's web console when clicking the Apply button in DD-WRT after clicking the Enable radio button on this Policy. The web console if very useful in figuring out how to craft a network resource rule. Timeout: 4000, Raw Text, URL Encode unchecked. In the DD-WRT Router: Policy #1 Policy Name: Deny List Everyday Checked 24 Hrs Selected Edit List and add the necessary MAC addresses. Something to be aware of, this only prevents Internet access not the ability to associate with the LAN. -Xathros Link to comment
MstrD Posted August 28, 2013 Author Share Posted August 28, 2013 Thanks! I'll give that a try. That looks like it could do exactly what I want. Link to comment
Xathros Posted August 28, 2013 Share Posted August 28, 2013 One other note on this: Don't toggle between Enabled and disabled more than once every few minutes or DD-WRT (mine at least) becomes unhappy and needs a reboot. As long as you wait for the last request to become effective before placing a new request, its all good. -Xathros. Link to comment
MstrD Posted August 30, 2013 Author Share Posted August 30, 2013 I was able to create two network resources based on your example (once I figured out how to use the firefox web console). I can it being a very helpful tool to create network resources. It seems like once the command is issued, the access to the router is disabled for a short time - I'm assuming as it turns on/off the filtering. It doesn't seem to stop the internet access for other clients during this time, just access to the router pages. My setup has the main router, and then another router (bridge) at the other end of the house. It seems like if a client is attached to the main router, than it denies access. However, if the client connects to the other router, that bridges to the main router, then it isn't filtered. It must see the MAC of the other router. The same thing with IP. I guess I'll have to set up two sets of network resources, to block access from both routers simultaneously. Thanks for the help. This will definitely do the trick. Now I need to create some countdown scripts (cumulative hours per day). I don't think I'm going to the popular Dad in another week! Link to comment
Xathros Posted August 30, 2013 Share Posted August 30, 2013 If the second router is doing NAT then yes, you would need to do this at both. Double NAT is often a problem for other things as well and not generally a good idea unless you really know what your doing and need it that way. If the 2nd router is just an access point and only the main router does NAT and DHCP, then you only need to do this at the main router. I have one main DD-WRT router and many access points. I filter at the main router. -Xathros Link to comment
MstrD Posted August 30, 2013 Author Share Posted August 30, 2013 Hmm, the second router should just be an access point, and the router is bridging (wirelessly) to the main router. The second router isn't doing NAT. It's all seen as one large network. 192.168.1.0-192.168.1.255 DHCP all from the main router. I'll have to check the settings and see if I'm missing something. Link to comment
Recommended Posts