Hi All,
I have configured some data filters on my 2860 to act on some (MAC bound) IP addresses to control my childrens' access to internet. Very useful!
However, rather than have to go into the router GUI > filter > filter set > checkboxes to do this, it would be really useful to be able to turn these filters on and off with a telnet script.
I have already got scripts to turn ports on and off - so getting access is no problem. However, the information on the use of the ipf command is sketchy and contrary depending on where the information comes from, and I have not been able to work out how to just enable/disable a specific filter that I have already configured using the UI.
So, is there an update on the V1.2 telnet document that has more information - and/or can anyone help me on the syntax to control the filters in this way?

TIA

Bumping this as I have more or less the same project & I want to script a killswitch on my home automation system that will turn the kid's internet off at various times (I have a 2850Vn).

AliJCam
Any chance that you can share a snippet of what you already have?

Check the latest manual for the Vigor 2860, it has telnet commands for that router in the latter half of the manual

I worked out what I needed to do on my 2850 & found a bug in the process

I created a new filter set, made the rule that I want & then added it into the chain
I run

Code:

ipf rule X Y -e 1

where X is the set number & Y is the rule number to turn the rule on (substituting 0 for the 1 at the end to turn the rule off)

On my router this has the added 'bonus' effect of removing the name from the previous filter set & blanking out the next filter set number for it. I've worked around this by simply leaving a blank set in between & everything is now working fine, much to my 13 year old's annoyance!

Full (very basic) Bash script as follows

Code:

host=192.168.1.254 port=23 user=your_username pass=your_password cmd1='ipf rule 7 1 -e 0' ( echo open ${host} sleep 1 echo ${user} sleep 1 echo ${pass} sleep 1 echo ${cmd1} sleep 2 ) | telnet

A conv with DTK and a bit more experimentation resulted in a nicely working solution. I see Cartmane also has it sorted.

Code:

ipf rule S R -e 1|0

- where S = set number & R = rule number. 1 turns the rule on, 0 turns the rule off

if I get time, I might try to build a little front end to dispatch the various telnet commands to control the 10 various devices (phones, laptops, Xboxes) independently

However it required taking the output from all the 'help' options in the ipf command to figure out all of the latest options available, correcting some mistakes and adding comments.
Not sure how I can show the full list here though - it's longer than the forum allows?

As an additional discussion point, although any OUTOING filter/block seems to work fine (ie LAN/DMZ/RT/VPN ->WAN in the rule UI) attempting to use an INCOMING block (ie WAN ->LAN/DMZ/RT/VPN) appears to have no effect at all. Even setting Source to ANY, Dest to ANY, Service to ANY, Block Immediately (which should stop everything) has no effect at all.

Am I missing something?