Re: Iptables "-m time" option doesn't update when the clock changes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 
Hi,

On 29/03/12 10:12, Jan Engelhardt wrote:

On Thursday 2012-03-29 11:10, Sebastian Arcus wrote:


I'm using the following line in my iptables firewall to block internet access
for one of the machines on the network for one hour a day:

Code:

iptables -A FORWARD -p ALL -o $INET_IFACE -m mac --mac-source $BLOCKED_MAC1 -m
time --timestart $BLOCKED_TIMESTART1 --timestop $BLOCKED_TIMESTOP1 -j DROP


Everything works fine - except that when the clocks change from winter time to
summer time (in UK) - the rule keeps on working on the old time.


This is documented behavior, see manpage (preferably that of a recent
release).


Thank you for that. According to my manpage:

"--localtz
Interpret the times given for --datestart, --datestop, --timestart and --timestop to be local kernel time. (Default)"
It sounds like the rule above should be using the local time (default). It still doesn't explain why it is stuck on the time before the clock change though? 
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Linux Netfilter Development]     [Linux Kernel Networking Development]     [Linux Networking Development]     [Linux Kernel Development]     [Linux Resources]     [LARTC]     [Bugtraq]     [Consulting]     [Free Internet Dating]     [Yosemite Forum]     [Photo]

Add to Google Powered by Linux