Join Sean Colins for an in-depth discussion in this video, Scheduling game system down time, part of Firewall Administration Essential Training.
- [Instructor] For our next firewall rule, we're going to create something that combines our work with aliases and our work with schedules. We've created our aliases and we have under here our IP list, we have game systems at .39 and .40, which are both outside of our DHCP pool, which is good. These are both static, available addresses. Now what we can do is we can either configure our, in this case let's call it an Xbox and a PS4. We can configure our Xbox with 39 and our PS4 with 40.
Or if we want to leave them at DHCP because we wanted to just do that, we could also do what we talked about in our DHCP reservations movie where we go over to DHCP leases and if we had them booted we would find them here and we would say ah no, we'd hit the little plus button and we'd make them go to the appropriate addresses and then reboot them and they would pick up those addresses and they would be at those addresses forever. So that would be very useful, right? Because we would always know that the Xbox was at its IP address and the PS4 was at its IP address. You can do that either of those two ways.
There's nothing wrong with either one of those. A static IP address or a static lease. Either way works. You've got your aliases that tell you that gaming systems are those IP addresses. You could do your statics, either reservations or otherwise and then we also have our schedules. And our schedules, I've already configured one called StudyNights right here and I'm going to show you. I already showed you how to configure a schedule, but let's look at why StudyNights is doing what it's doing. So StudyNights is the name. Remember you can't have a space in here. That's why those are smushed together. I'm calling it four p.m. to 11:59 p.m. on StudyNights and even though the month is selected, in fact, if I select all of these column headers and I'm skipping Friday and Saturday nights because those are fun nights, but I'm also selecting the time down here which is going to be 16 and 00 and 2359 and the time range description is simply going to be four p.m. to 11:59 p.m. StudyNights, okay? And then I can click add time, and then that's in here, all right? Let's get rid of the one that says four, 'cause that was wrong.
So 1600 to 2359, that is our range. That's exactly what we want. And you'll notice, because I selected those column headers in here where it says days, it's Monday through Thursday or Sunday. I click save and here's our rule set, okay? So the description remember really means nothing. It could say absolutely anything there. Don't look at that to see if it's configured properly. Where you really want to be looking is at this information over here. If this information's correct, you're in good shape. Actually, if it's that information is correct. It's all good. 'Cause that is also a label.
So let's go back. I'm going to go back to our firewall rules and we're going to create something that's going to use all of that. We know the IP address of the system is going to be the same all the time, we know that the IP addresses are in an IP alias list and we know that we have a scheduler that we can use. We've got everything we need. So we click the add to the top button. And we say we want to block. And we're going to block everything on the LAN side so the devices can't communicate out.
That's actually the goal here. Really you could create two rules, one for out and one for in, but if you've kind of blocked everything going out, you're sort of done. So IP address V4 and protocol TCP/IP is going to do just fine here. And then what we're going to do is on the source the source is going to be since it's on the LAN side, it's going to be a single host, or you guessed it, alias, and we're going to type game and game system is going to come right up there for us, which means we don't need to worry about anything else. We already figured that out.
Destination is just any and we're set. We're in really really good shape here. If we just click display advanced under extra options, we can then scroll down to where we talk about schedules and we can select the schedules that we've got. We've created our StudyNights schedule, so that's available to us to select. And once that's selected we can come down here and click save. Click apply changes and close that little green box and lo and behold, here we are. StudyNights as you can see right here, is set up, it is not currently active because the period is expired, that's fine because the period will come back to us.
If you want to look at the StudyNights you can see your label popping up right there. That is not what is configured, that is simply what you wrote into the label field. If you want to go back and actually check to see if it's for real, you can click on it and it'll take it right back into the actual rule generation and you can make changes if you wish. Configured ranges, Monday through Thursday and Sunday, 1600 to 2359, that's exactly what we want. So I'm going to go back to firewall, go back to rules, go back to that specific rule which is on the LAN side. Remember to click in the right area.
If you are over here and you're not seeing your rule, it's because it's over on this side. So make sure that you check both. But here you can see it. We have IPv4 TCP, the source is going to be Game Systems, it's going to be going out over the LAN, the port everything everything everything and on the schedule that we set. So during that schedule those game systems will simply not be able to communicate outbound through our firewall, which will keep the kids from using that gaming system when they shouldn't be using it.
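The rule built in the transcript above, modeled as a small matcher so its coverage can be checked against sample traffic. This is an added example, not part of the course or the firewall's own code; the 192.168.1.0/24 prefix (the video gives only .39 and .40), the function names and the sample flows are assumptions.

```python
from datetime import datetime, time
from ipaddress import ip_address

# Alias from the video: game systems at .39 and .40.
# Assumed prefix: 192.168.1.0/24 is constructed, the page does not state it.
GAME_SYSTEMS = {ip_address("192.168.1.39"), ip_address("192.168.1.40")}

# StudyNights as configured: Monday-Thursday and Sunday, 16:00 to 23:59.
# datetime.weekday(): Monday=0 ... Sunday=6 (Friday=4 and Saturday=5 are skipped).
STUDY_DAYS = {0, 1, 2, 3, 6}
STUDY_START, STUDY_END = time(16, 0), time(23, 59)


def schedule_active(now):
    """True while the StudyNights range is in effect.
    Assumption: the end minute 23:59 is inclusive through 23:59:59."""
    hhmm = now.time().replace(second=0, microsecond=0)
    return now.weekday() in STUDY_DAYS and STUDY_START <= hhmm <= STUDY_END


def rule_blocks(src, proto, now):
    """True if the LAN block rule (IPv4, TCP, source = alias, destination = any)
    matches this flow at this moment."""
    return (schedule_active(now)
            and proto.lower() == "tcp"
            and ip_address(src) in GAME_SYSTEMS)


def flows_not_blocked(flows):
    """Return the flows the rule lets through, for reviewing coverage."""
    return [f for f in flows if not rule_blocks(*f)]


# Constructed sample flows: (source IP, protocol, timestamp).
SAMPLE_FLOWS = [
    ("192.168.1.39", "tcp", datetime(2024, 1, 9, 17, 30)),   # Tuesday evening
    ("192.168.1.40", "tcp", datetime(2024, 1, 12, 17, 30)),  # Friday, not scheduled
    ("192.168.1.39", "udp", datetime(2024, 1, 9, 17, 30)),   # UDP, rule is TCP only
    ("192.168.1.41", "tcp", datetime(2024, 1, 9, 17, 30)),   # address not in alias
]

if __name__ == "__main__":
    for src, proto, when in flows_not_blocked(SAMPLE_FLOWS):
        print(f"passes: {src} {proto} {when:%a %H:%M}")
```

The third sample flow shows that a rule whose protocol is set to TCP does not match UDP from the same hosts, and the fourth shows why the static address or static lease matters: a console that comes up on any other address falls outside the alias.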
- DMZs and bandwidth needs
- Routing configuration
- Setting up a virtual IP
- Network address translation (NAT)
- Providing DHCP
- Traditional IP firewalls (IPFW)
- Configuring deny rules to block file sharing
- Promoting application specific traffic
- Configuring an IP alias and a port alias
- Building traffic limiters