Rules don't have to take effect all the time; we can define time ranges during which the rules apply, and the process is even easier than creating rules. Each schedule can have multiple time ranges, and, once defined, it can be applied to a rule. To get started with scheduling, navigate to Firewall | Schedules. There will be a table displaying all the previously created schedule entries; clicking on the Add button below the table allows you to create a new entry.
The Edit page for schedules has two sections: Schedule Information, in which you can configure options, and Configured Ranges, in which the already defined ranges for this rule appear. You must create at least one time range per schedule, although you can create more. The first option on the page is Schedule Name, where you enter the name, which can consist only of letters, numbers, and the underscore character. You may also enter a non-parsed, free-form description in the next field. In the Month drop-down box, you can select the month that will appear in the Date section. Time ranges can consist of individual dates (for example, April 15), or to days of the week (for example, Tuesdays). You can click on an individual date on the calendar to select only that date, or you can click on a weekday header to select all occurrences of that weekday.
In the Time section, you can select a time range for the days selected on the calendar. The fields are Start Hrs, Start Mins, Stop Hrs, and Stop Mins, and time is in 24-hour time. You can also enter a non-parsed Time range description. When you are done defining a time range, you can click on the Add Time button. Alternatively, you can click on the Clear selection button to clear the selection. Once you click on the Add Time button, the time range should appear in the Configured Ranges section of the page. You can create additional time ranges by selecting the appropriate dates/days of the week and time ranges, adding a description, and clicking the Add Time button again. You can also delete existing ranges by clicking on the Delete button to the right of each entry. When you are done configuring time ranges and editing other options, click on the Save button at the bottom of the page.
To illustrate the process of creating a schedule and using it in a rule, we will create a schedule for lunchtime (Noon-1 PM) and create a rule using this schedule. This will allow us to implement a rule which allows access to Slashdot only during Noon to 1 PM on weekdays. To do this, we perform the following steps:
216.34.181.45
(the Slashdot IP address) in the Source Address field. We can also enter a description for this rule (for example, Allow Slashdot during lunchtime).You may have noticed that we have created a rule to allow access to Slashdot during the lunch hour, but we have not created a rule to block access to Slashdot yet. Thus, with our current ruleset, the new rule has no practical effect, because access to Slashdot was already enabled via the Allow DEVELOPERS to WAN rule. We can easily create a rule to block Slashdot, however, by clicking on the Copy button to the right of the new rule in the table, and creating a new rule based on the previously created rule. We just need to change the Action from Pass to either Block or Reject (Reject is probably the better option), and change the Schedule option so the rule applies at all times. We should also change the Description field to reflect its purpose. After we click on the Save button, a new rule will be created after the Allow Slashdot during lunchtime rule, which is the order we need. Remember, rules are evaluated on a top-down basis, so we want the Block Slashdot rule to come before to the All DEVELOPERS to WAN rule and we want the Allow Slashdot during lunchtime rule to come before both of these rules.
3.134.79.121