BrByte Software through some changes to IPFW (kernel and binaries), has created OnTime functionality in firewall rules.


This allows certain rules to work at certain times of the day. Being very useful for business filters, speed control with varying schedules and more.


Check out these custom IPFW system rules:


skipto tablearg ip from any to any marked-socket

pipe 6010 ip from any to me not ontime [00: 00: 00-06: 00: 00]

pipe 20001 ip from any to any dscp CS7 not ontime [01: 00: 00-07: 00: 00] keep-state


This rule for example blocks IP traffic from 1 to 5 o'clock in the morning.


deny tcp from to any ontime [01: 00: 00-05: 00: 00]


See more about system firewall