I am wondering if some rule like the following can be set up at the router level; using iptables or ipset or similar tools. (I am not very experienced in this area, sorry if the following is a bit vague)
Example: I want to Block twitter after 30 minutes of usage (or 200 MB of data) . Reset counter every 24 hours. (I am not looking for schedule-based rules i.e. block twitter from 18:00 to 20:00)
I am assuming I would have to derive the "session" attributes by manual calculation. Can this be done by logging traffic corresponding to that particular website using firewall , and calculating approximate duration using a shell script? Are there easier ways?
I understand comments about this use case not being the best fit for packet-level filtering. But I am not clear how counting packets based on target addresses is much different from, say regular firewall rules for filtering packets based on undesired source addresses.
For context, in other projects: Some probable (but suboptimal) approaches using ipset counters were suggested in the dd-wrt forums. There are some documentation stubs about feature plans for similar quotas, in the squid-cache project as well [
PS: There are browser extensions (stayfocused , leechblock) that can do this at the application level, but I want to implement this at the router/firewall level because there are no open source solutions that work for all my devices.
71 Answer
Based on the comments on the question, there are no out-of-the-box solutions in ubuntu that can do this.
