I'm currently using the following rule in /etc/config/firewall:
config rule
option name 'Access-Restrictions'
option src 'lan'
option dest 'wan'
option proto 'all'
option target 'REJECT'
option extra '-m time --kerneltz --weekdays Sun,Mon,Tue,Wed,Thu,Fri,Sat --timestart 00:30 --timestop 6:00'
option src_mac '!D0:50:99:A8:D9:42'
I'd like to add another mac to the exceptions list (D0:50:99:5E:65:0E). Changing to '!D0:50:99:A8:D9:42' to '!D0:50:99:A8:D9:42 !D0:50:99:5E:65:0E' didn't seem to work.
Did you ever figure out a way to do this? I was just setting up the same thing on my FW, Timed Restrictions for the kid's devices. Doing it through Luci, there wasn't a way to do multiple MAC addresses per timed entry.
I also noticed that the firewall seemed to default to UTC instead of the system time.
I entered my times as 21:00:00 through 06:30:00 (9pm - 6:30am Eastern), however when I looked at the Firewall status, I saw the times entered with UTC following it.
So, with DST now, we're -4 UTC, so I've checked the "Time in UTC" box and modified my times to be 01:00:00-10:30:00.
My rules look like this:
MAC 5C:AD:CF:D3:0A:9C TIME from 01:00:00 to 10:30:00 on Mon,Tue,Wed,Thu,Sun UTC /* !fw3: iPad Timed Restrictions */
Source lan desk wan - REJECT