Midnight causing issues with firewall time-based rule

I'm trying to set up a time-based firewall rule that blocks internet access for certain MAC addresses during nighttime hours (00:10:00-07:00:00 UTC+2). I followed the parental controls guide in the firewall documentation, and I successfully tested the rule during daytime hours to make sure that it works. I also double checked that it drops existing connections.

However, if I make a rule for the time interval 00:10:00-07:00:00 it doesn't work. After some testing and experimenting I discovered that this is seemingly due to UTC midnight being crossed in that interval (it's at 02:00:00 in my local time). If I split the rule into two with the first having the interval 00:10:00-01:59:59 and the other 02:00:00-07:00:00 it works just fine.

I'm running a fairly recent master build on my R7800 (ipq806x) with fw4. Is this some sort of bug in nftables or fw4?

@jow, have you seen this issue before?

Not really, but I am not really runtime testing time based rules, I just test that they're applied to nft. There were some time related fixed pushed today to solve some time related quirks, maybe it solves your issue as well.

Ok, I'll compile a new image and give it a try.

@jow Those time fixes solved my issue. Thanks!

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.