I use iptables to add a rules to block DNS udp packet as the following
iptables -A parentalctrl -p udp -m udp --dport 53 -m mac --mac-source 84:C7:EA:35:9A:07 -m time --kerneltz --timestart 17:30:00 --timestop 18:30:00 --weekdays Sat -j ACCEPT
iptables -A parentalctrl -p udp -m udp --dport 53 -m mac --mac-source 84:C7:EA:35:9A:07 -j DROP
But it always doesn't meet the first one rule , so all the package will be drop
I did set the timezone, so i enter date command will get the correct answer
/ Preformatted text
# date Sun Jun 26 18:43:47 CST 2022
Sun Jun 26 18:43:47 CST 2022`
Is there any setting i miss to set?
Pointing out the obvious, this rule will only work on Saturdays from 17:30 to 18:30.
When did you make the tests?
I test it on this duration Saturdays，when i add these rule, the package will be drop, i don'tknow whether i set it wrong or i need to change system time?
According to the following OpenWRT URL, how can i verify my setting is correct?
- Verify that your router has the correct time and timezone.
Is this for lab purposes, or you really need to implement some parental control rules?
There is a guide for that. Blocking DNS queries to the router itself is not the best approach.
This should make the rule use the local time (what is displayed by the date command) and not UTC.
If you want to investigate the causes of the problem, post the output of the following commands:
iptables -nvL INPUT; iptables -nvL parentalctrl