I can’t really understand why and why for a couple of hours?
What is supposed to happen during that time?
You need password anyway to log on to these connections so without password no one gets inside (unless they use serial)!?
But it is probably easiest to make some kind of parent control of port 22, 80, 443 to make this work.
Listening port setting is useless way to block it.
SSH with mandatory private key authentication is still considered highly secure, or as secure as access to the private key is protected.
To prevent any SSH access to the router, use a firewall rule to block TCP input on port 22. The firewall system includes support for rules that enable and disable themselves based on the time of day.
Um , main router has 2 ports - I use one for LAN and other for guestLAN ( There are dumb APs on guestLAN so If I remove the cable and plug it into my Pc whole network over there goes down... )
...Anyways , I think I found where to add rules, does this look OK?
ok... so the firewall rule you have defined should work... but if anything goes wrong with the clock, you could have a mess on your hands.
You could create a wifi only management network (with a really strong password) and maybe other 'tricks' to make it just a bit more difficult for a casual user to hop on (simple things like no DHCP server which would then require the client device uses a static IP, etc.).
keep in mind that you've set the start time as 22:00 and the end time as 20:00, so it'll only be accessible for 2h per day.
Also make sure your time zone is set correctly and that the clock is syncing properly with ntp.