iptables issue with timestart-timestop due to timezone

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
#1
Hello everyone,

I found an issue that seems to be caused by iptables, but I wanted to check if it's known and if there are any workarounds.

My timezone is EST, which at the moment is UTC -05:00
I create a Schedule to give access on Wednesday from 18:00 to 20:00 EST.
This translates to Wednesday 23:00 to Thursday 01:00 UTC.

When I apply the Profile to a Device, it gets blocked at 19:00 EST.

The problem seems to be that the timestart and timestop parameters to iptables are translated to UTC, and this breaks the access.

Below is the iptables line created by KeexyBox.
-A FORWARD -m mac --mac-source nn:nn:nn:nn:nn:nn -m time --timestart 23:00:00 --timestop 01:00:00 --weekdays Wed -j 49_FORWARD

When the time is 19:00 EST, I think the following is what iptables interprets:
  • Time is 00:00 UTC
  • The timestart parameter is 23:00:00
  • 00:00 is before the timestart parameter
  • iptables decides that the rule does not apply

I hope this all made sense :-)
Reply
#1
Hello everyone,

I found an issue that seems to be caused by iptables, but I wanted to check if it's known and if there are any workarounds.

My timezone is EST, which at the moment is UTC -05:00
I create a Schedule to give access on Wednesday from 18:00 to 20:00 EST.
This translates to Wednesday 23:00 to Thursday 01:00 UTC.

When I apply the Profile to a Device, it gets blocked at 19:00 EST.

The problem seems to be that the timestart and timestop parameters to iptables are translated to UTC, and this breaks the access.

Below is the iptables line created by KeexyBox.
-A FORWARD -m mac --mac-source nn:nn:nn:nn:nn:nn -m time --timestart 23:00:00 --timestop 01:00:00 --weekdays Wed -j 49_FORWARD

When the time is 19:00 EST, I think the following is what iptables interprets:
  • Time is 00:00 UTC
  • The timestart parameter is 23:00:00
  • 00:00 is before the timestart parameter
  • iptables decides that the rule does not apply

I hope this all made sense :-)
Reply


Messages In This Thread
iptables issue with timestart-timestop due to timezone - by rdavila - 01-12-2023, 02:40 AM

Forum Jump:


Users browsing this thread: 1 Guest(s)