Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3873
  • Last Modified:

Control users login/logout times and force logoff?

Hello.

I currently use rh9.  Have a nice little box that I'm using as an internet gateway/squid transparent proxy.  I would like to force network clients to log off and kill internet access after a certain time of day.

Can someone please point me in the right direction?

BTW, the clients are all winxppro boxes.  Domain logn to SAMBA running on the same box.  IPTABLES for the firewall scripts.

Thanks.
0
oregonisonline
Asked:
oregonisonline
  • 3
  • 2
  • 2
  • +2
1 Solution
 
tolgadalkilicCommented:
I think you are asking for "scheduling tasks" for your linux box to stop some gateway for some clients

For scheduling solution "crontab" is used. You can schedule any job for different periods of time.
A short and easy documentation for crontab:
http://www.nerc-online.com/support/www/crontab.html

have fun.
0
 
mac_Commented:
Hi Oregonisonline,

I think this deservers some more explanations :

- what do you mean by "Log Off" ? Do you mean log the off from their client computer ? If so, it looks like a Windows problem (assuming the clients are running Windows).

- you want to "kill internet access after a certain time of day"...  suspect you want to re-authorize it after a certain other time of the day too. If you want to disable ALL access, and if your box is doing NAT (masquerading) or routing for the clients, I'd use cron to remove / add your NAT rule, hence completely disabling / enabling Internet access.
0
 
owensleftfootCommented:
" I would like to force network clients to log off and kill internet access after a certain time of day."

A very easy but not very elegant method would be to have a cron job setup for a certain time which contains the command "service network stop". Then have a cron job setup for the time you want to allow access again which has the command "service network start".
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
mac_Commented:
Just as a note... if you "network stop", you don't only kill internet access for the users but kick any kind of Internet communication for your gateway : no more remote admin, backup, monitoring, mail, nothing....

It's maybe not what you want.
0
 
yuzhCommented:
You might just want to run a cron job to kill all the users login sessions (or remote user's login).

Please defind what you mean by "Control users login/logout times and force logoff"?

Do you mean kick off all the user at the same time of the day? if so, use cron to kill all the
normal user's process will do the job for you.
0
 
oregonisonlineAuthor Commented:
Sorry I didn't jump back on earlier. I'll try and make this a little more clear.

I may have to push this to a Windows2000 Domain controller with ISA server.  It's starting to look that way.

In a Windows domain, you can set local and domain security policies which include the ability to force a user's logoff of the domain (and machine) to include network access at a specified time of day.  Each user can be different.  

I don't want to just do a network stop on the linux box, as there are other users who will have unrestricted access to the internet and other network functions.

Basically, want the kids to be forced to log off their machines by 10 pm m-f  11:30 pm on the weekends, while allowing the adults to continue access as normal.

I hope this clears it up a bit.
0
 
yuzhCommented:
If you want to just kick off the kids, you could put all the kids login name in a text file, make it
looks like:

david fred alex
paul

let's say you want to put it in /var/adm/ and named it as kids.txt

then use the following script to kill all the kids process:

#!/bin/sh
INPUTFILE=/var/adm/kids.txt

for name in `cat $INPUTFILE`
do
     kill -9 `ps -ef | grep $name | grep -v grep | awk '{print $2}' `
done

exit

# End of script

then edit your crontab, to make it looks like:
30 23  * * * /path-to/myscript >/dev/null 2>&1

man crontab
to learn more about crontab.
0
 
mac_Commented:
yuzh: I sure hope he has no kid named "joe" (would kill the joe editor) or "ache" (would kill apache) :P

-> ps -U $name looks better :P

Anyways, I have the feeling oregonisonline's problem is a Windows problem, not a Unix one.
0
 
oregonisonlineAuthor Commented:
Since it appears that there is no "graceful" way to make this happen with Linux, I'm gonna go the Windows route.  

Not too happy about that though.

Thanks for all of the great posts.  Yuz came the closest to what I was looking for so points awarded to him.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 3
  • 2
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now