With the Barracuda NextGen Firewall X-Series, you can configure access rules that are only active for specific times or dates. Create a time object for the times that the access rule should be active. Then apply this time object to the access rule.
This article provides an example of how to configure a access rule that blocks Internet (HTTP and HTTPS) access for two trainees from Monday to Friday, except during the hours of 11:00 AM to 01:00 PM. The two trainees reside in the 192.168.200.0/24 network segment and use computers with the 192.168.200.100 and 192.168.200.101 IP addresses.
Step 1. Create a Time Object
This example configures a time object named TraineeOfficeHours that includes all office hours except lunch time from 12am to 1pm.
- Go to the FIREWALL > Time Objects page.
- In the Time Objects section, click Add Time Object.
- In the Name field, enter
- To terminate existing sessions when the access rule is applied, set Terminate Existing Sessions to Yes.
- To define a date range for this time object, select the Use Date Range check box.
- In the time table of the configuration window, select all days and times when the access rule should be active.
- Click Add to create the time object.
Step 2. Create an Access Rule using the Time Object
This example configures an access rule named Block-HTTPs-for-Trainees that blocks HTTP and HTTPS network traffic from the 192.168.200.100 and 192.168.200.101 IP addresses.
- Go to the FIREWALL > access rules page.
- Click Add Access Rule to create a new access rule. The Add Access Rule window opens.
- Enter a name and description for the rule.
Specify the following settings:
Block Default (SNAT) HTTP+S
Because all other clients in the 192.168.200.0/24 network should not be affected by this rule, the source network is limited to the 192.168.200.100 and 192.168.200.101 IP addresses.
- Click the ADVANCED tab.
- From the APPLY ONLY DURING THIS TIME list, select the time object that you created. For this example, select the TraineeOfficeHours object.
- At the top of the window, click Save.
Step 3. Verify the Order of the Access Rules
Access rules are processed from top to bottom. Place your access rule before any other access rule that matches the same traffic. For this example, place your time-based block rule before any rule that allows Internet access. Click Save to save the changes to the order of the access rules.