Problem:Constraining wireless access to router 'on-peak'

Assembled illuminati: The naive networking problem is this; I have a very low cap 'HomeFibre Starter Plus' account with iPrimus; low cap being: 5GB/month 'on- peak' (noon to midnight) 10GB/month (midnight to noon). Since it doesn't cost me anything more; I have elected to share this account via wireless with 2 -4 other users gratis.I would like to restrict their access to 'off-peak' only...but 1/-manually switchng off wireless access on the Linksys E2000 router is possible; but too tedious. -after consultation with Cisco(Aust) it seems this device does not have the capacity to unconditionally switch off wireless during certain hours -but it does have the capacity to restrict certain LAN IP addresses during certain hours Now given that the other users are even more naive than myself, that is asking them for their LAN IP addresses would not be an easy path; can any one suggest a method of gathering these addresses ? any suggestions welcome, regards Rohan Mcleod

At 11:32 AM 11/19/2011, Rohan McLeod wrote:
Assembled illuminati: The naive networking problem is this; I have a very low cap 'HomeFibre Starter Plus' account with iPrimus; low cap being: 5GB/month 'on- peak' (noon to midnight) 10GB/month (midnight to noon). Since it doesn't cost me anything more; I have elected to share this account via wireless with 2 -4 other users gratis.I would like to restrict their access to 'off-peak' only...but 1/-manually switchng off wireless access on the Linksys E2000 router is possible; but too tedious. -after consultation with Cisco(Aust) it seems this device does not have the capacity to unconditionally switch off wireless during certain hours -but it does have the capacity to restrict certain LAN IP addresses during certain hours Now given that the other users are even more naive than myself, that is asking them for their LAN IP addresses would not be an easy path; can any one suggest a method of gathering these addresses ?
It depends how far you want to go. I won't talk about AUP issues here, I'll assume you're either allowed to share your Internet connection, or are prepared to deal with the consequences of getting caught out. :) There's a couple of ways you can go. You can enforce a specific IP address via DHCP, if you know the MAC address of the other users' PCs. You could alternatively setup a separate wireless access point, and turning that on and off with a simple timer at the appropriate times. The other way is to go to a hotspot like web portal system, which can also keep track of usage, so you can even cut off a user who blows their quota. I think there's some open source ones around. 73 de VK3JED / VK3IRL http://vkradio.com

Tony Langdon wrote:
At 11:32 AM 11/19/2011, Rohan McLeod wrote:
Assembled illuminati: The naive networking problem is this; I have a very low cap 'HomeFibre Starter Plus' account with iPrimus; low cap being: 5GB/month 'on- peak' (noon to midnight) 10GB/month (midnight to noon). Since it doesn't cost me anything more; I have elected to share this account via wireless with 2 -4 other users gratis.I would like to restrict their access to 'off-peak' only...but 1/-manually switchng off wireless access on the Linksys E2000 router is possible; but too tedious. -after consultation with Cisco(Aust) it seems this device does not have the capacity to unconditionally switch off wireless during certain hours -but it does have the capacity to restrict certain LAN IP addresses during certain hours Now given that the other users are even more naive than myself, that is asking them for their LAN IP addresses would not be an easy path; can any one suggest a method of gathering these addresses ?
It depends how far you want to go. I won't talk about AUP issues here, I'll assume you're either allowed to share your Internet connection, or are prepared to deal with the consequences of getting caught out. :) I don't believe iPrimus cares; certainly they promote 'parental controls'; which would seem to imply shared access !
There's a couple of ways you can go. You can enforce a specific IP address via DHCP, if you know the MAC address of the other users' PCs. Same problem as gathering IP addresses from very naive users.....not worth the hassle ! You could alternatively setup a separate wireless access point, and turning that on and off with a simple timer at the appropriate times. I will interpret this as replaceng the existing E2000 router with two seperate devices ?; .....really just want to use the existing capabilities of the E2000
The other way is to go to a hotspot like web portal system, which can also keep track of usage, so you can even cut off a user who blows their quota. I think there's some open source ones around. I take it this is a software solution; on which machine is the software running ?
Coming back to my original question: Is there " a method of gathering these addresses " ; via the router ? Can I take it that you think this is not possible ? ...... many thanks for your response Tony; regards Rohan McLeod
73 de VK3JED / VK3IRL http://vkradio.com

At 01:22 PM 11/19/2011, Rohan McLeod wrote:
I don't believe iPrimus cares; certainly they promote 'parental controls'; which would seem to imply shared access !
No, that doesn't imply sharing OUTSIDE your house! :) ISPs expect that there will be multiple machines behind a router these days, but some still have AUPs that prohibit sharing with the neighbours. :)
There's a couple of ways you can go. You can enforce a specific IP address via DHCP, if you know the MAC address of the other users' PCs.
Same problem as gathering IP addresses from very naive users.....not worth the hassle !
Slightly easier, because you can packet sniff the MAC addresses, (after eliminating your devices), then setup the static DHCP entries. Now, you have fixed IP addresses to filter. :) All they have to do for you to set this up is surf the net. :)
You could alternatively setup a separate wireless access point, and turning that on and off with a simple timer at the appropriate times. I will interpret this as replaceng the existing E2000 router with two seperate devices ?; .....really just want to use the existing capabilities of the E2000
One extra device, an access point.
The other way is to go to a hotspot like web portal system, which can also keep track of usage, so you can even cut off a user who blows their quota. I think there's some open source ones around.
I take it this is a software solution; on which machine is the software running ?
I've seen a couple of different configurations. Some run on a Linux box that acts as the router. Others run on a separate box and use a router with customised firmware. I'm not sure of the current status, so Google will be your friend now. :)
Coming back to my original question: Is there " a method of gathering these addresses " ; via the router ? Can I take it that you think this is not possible ?
Well, that depends, like everything else discussed, on how far you want to go. Most routers are not designed to do things this fancy, so your mileage will definitely vary. Some routers won't even do static DHCP, which is a pain when you want to reserve a port forward for a specific device that moves from network to network. 73 de VK3JED / VK3IRL http://vkradio.com

Tony Langdon wrote:
At 01:22 PM 11/19/2011, Rohan McLeod wrote:
I don't believe iPrimus cares; certainly they promote 'parental controls'; which would seem to imply shared access ! No, that doesn't imply sharing OUTSIDE your house! :) ISPs expect that there will be multiple machines behind a router these days, but some still have AUPs that prohibit sharing with the neighbours. :) thats OK; I am a devotee of the particular form of war-fare known as 'house sharing'
There's a couple of ways you can go. You can enforce a specific IP address via DHCP, if you know the MAC address of the other users' PCs.
Same problem as gathering IP addresses from very naive users.....not worth the hassle !
Slightly easier, because you can packet sniff the MAC addresses, (after eliminating your devices), then setup the static DHCP entries. Now, you have fixed IP addresses to filter. :) All they have to do for you to set this up is surf the net. :) This sounds like a possibility, any chance of getting the LAN IP addresses as well ?; because that's what the E2000 seems to want.
The other way is to go to a hotspot like web portal system, which can also keep track of usage, so you can even cut off a user who blows their quota. I think there's some open source ones around.
I take it this is a software solution; on which machine is the software running ?
I've seen a couple of different configurations. Some run on a Linux box that acts as the router. Others run on a separate box and use a router with customised firmware. I'm not sure of the current status, so Google will be your friend now. :)
Coming back to my original question: Is there " a method of gathering these addresses " ; via the router ? Can I take it that you think this is not possible ?
Well, that depends, like everything else discussed, on how far you want to go. Most routers are not designed to do things this fancy, I take it that 'things this fancy' amounts to some kind of packet-sniffing ?; assuming the E2000 can't do anything like that; then it would seem that short of building a Linux router; I would have to purchase a fairly specialised device; which is usually code for expensive ! so your mileage will definitely vary. Some routers won't even do static DHCP, which is a pain when you want to reserve a port forward for a specific device that moves from network to network. If you are exploring my knowledge of data-communications; I can summarise 'very rudimentary'; I know what an IP- port is, but for the life of me I can't understand, what is meant by 'forwarding' it ! Bit like the story about the man who turned into an alcoholic; which was countered by one about a man who turned into a driveway !
your replies are much appreciated thnks Rohan Mcleod

Rohan McLeod <rhn@jeack.com.au> wrote:
I take it that 'things this fancy' amounts to some kind of packet-sniffing ?; assuming the E2000 can't do anything like that; then it would seem that short of building a Linux router; I would have to purchase a fairly specialised device; which is usually code for expensive !
You could buy suitable hardware and install one of the well-known, router-oriented distributions on it such as Openwrt, then set up whatever software you need. The hardware is no more expensive than usual; the software costs nothing.

Jason White wrote:
Rohan McLeod<rhn@jeack.com.au> wrote:
.....; I would have to purchase a fairly specialised device; which is usually code for expensive ! You could buy suitable hardware and install one of the well-known, router-oriented distributions on it such as Openwrt, then set up whatever software you need. The hardware is no more expensive than usual; the software costs nothing. Alright thank you Jason, I'll look up Openwrt; that may be the way to go; ..... I'm a bit hesitant about replacing the E2000; because while iPrimus support is not brilliant; especially on 'Fibre', with a 'home-brewed' router I will be in the legendary 'barb-wire canoe', ...............well out of sight of land ; should anything go wrong ! regards Rohan McLeod

Rohan McLeod <rhn@jeack.com.au> wrote:
Jason White wrote:
Rohan McLeod<rhn@jeack.com.au> wrote:
.....; I would have to purchase a fairly specialised device; which is usually code for expensive ! You could buy suitable hardware and install one of the well-known, router-oriented distributions on it such as Openwrt, then set up whatever software you need. The hardware is no more expensive than usual; the software costs nothing. Alright thank you Jason, I'll look up Openwrt; that may be the way to go;
Friends recently bought Negtear Wndr3700v2 routers for this purpose. The advantage is that they run entirely open drivers (that is, all of the drivers are free software/open-source). There are other options for fully open driver support as well, but the above seems to be a relatively popular product in the community. The experiences of the friends referred to above have been favourable so far.

At 03:28 PM 11/19/2011, Rohan McLeod wrote:
Tony Langdon wrote:
thats OK; I am a devotee of the particular form of war-fare known as 'house sharing'
We're a bit the opposite here, 2 of us, 2 Internet connections. Might sound overkill, but it's to segregate heavy downloads from everything else. :)
Slightly easier, because you can packet sniff the MAC addresses, (after eliminating your devices), then setup the static DHCP entries. Now, you have fixed IP addresses to filter. :) All they have to do for you to set this up is surf the net. :) This sounds like a possibility, any chance of getting the LAN IP addresses as well ?; because that's what the E2000 seems to want.
The idea was to be able to fix those LAN IP addresses, if your router supports what's called static DHCP. How this works is some routers will let you tell them that if they see a specific MAC address on the network, assign a specific IP address. Yes, you can sniff their current LAN IP address, but unless you tie that with a MAC address, it could change next time you reboot the router. So, you sniff the traffic on the wireless network, grab the MAC addresses of the other peoples' gear, then go to your router config (don't ask me where, this is _totally_ model specific!), where you setup the DHCP server I guess, and setup the association between those MAC addresses and the IP addresses. As for packet sniffing, there is Linux and Windows software you can use to do this. You should sniff from a machine that's also on the wireless network. You may not need to do this though, some routers are able to report what wireless clients are associated with them (usually in the status or wireless screens). The information from there is what you need.
Well, that depends, like everything else discussed, on how far you want to go. Most routers are not designed to do things this fancy, I take it that 'things this fancy' amounts to some kind of packet-sniffing ?;
Packet sniffing is done from another machine, no, I was referring to what is effectively a form of "guest access" being a relatively "fancy" function.
assuming the E2000 can't do anything like that; then it would seem that short of building a Linux router; I would have to purchase a fairly specialised device; which is usually code for expensive !
so your mileage will definitely vary. Some routers won't even do static DHCP, which is a pain when you want to reserve a port forward for a specific device that moves from network to network. If you are exploring my knowledge of data-communications; I can summarise 'very rudimentary'; I know what an IP- port is, but for the life of me I can't understand, what is meant by 'forwarding' it ! Bit like the story about the man who turned into an alcoholic; which was countered by one about a man who turned into a driveway !
Port forwarding is often used when you want to run a server behind your router. You need to make the server accessible to the outside world, and that's done by "forwarding" a port on the router's public IP address to the internal IP and port of your server. Sometimes this function is called "Virtual server" instead. 73 de VK3JED / VK3IRL http://vkradio.com

Rohan McLeod wrote:
Assembled illuminati: The naive networking problem is this; I have a very low cap 'HomeFibre Starter Plus' account with iPrimus; low cap being: 5GB/month 'on- peak' (noon to midnight) 10GB/month (midnight to noon). Since it doesn't cost me anything more; I have elected to share this account via wireless with 2 -4 other users gratis.I would like to restrict their access to 'off-peak' only...but 1/-manually switchng off wireless access on the Linksys E2000 router is possible; but too tedious. ............. -but it does have the capacity to restrict certain LAN IP addresses during certain hours The solutiion that I eventually arrived at; with some help from Cisco-support (Aust), was to forget about wireless and restrict access on-peak (10am to 2am..contradicting above !), to all but three LAN IP's; then set my machines to those three addresses. This is a very low cost (money, time and energy) solution; thanks to Tony and Jason for their suggestions which I may investigate later !; regards Rohan McLeod
participants (3)
-
Jason White
-
Rohan McLeod
-
Tony Langdon