Config.gateway.json
For USG create blocking mac addresses timebased. Added text info a year later. Step by step. The rules in below steps are a bit changed since the video. It´s now added a rule to stop internetaccess at two times. 1. Log in to your Controller with WinSCP 2. Find usr\lib\unifi\data\sites\"siteID" (SiteID can be found in the addressbar when accessing the controller from your browser. Sse https://help.ubnt.com/hc/en-us/articles/215458888-UniFi-USG-Advanced-Configuration) 3. create a new file within WinSCP and name it config.gateway.json. 4. Edit above file and add your custom rules. In my example: { "firewall": { "name": { "WAN_OUT": { "default-action": "accept", "description": "packets to internet", "rule": { "2000": { "action": "drop", "description": "ParentalGroupFirewall", "log": "enable", "source": { "mac-address": "00:15:5d:44:44:1c" }, "protocol": "all", "time": { "starttime": "20:25:00", "stoptime": "20:33:00", "weekdays": "Mon,Tue" } }, "2001": { "action": "drop", "description": "ParentalGroupFirewall2", "log": "enable", "source": { "mac-address": "00:15:5d:44:44:1c" }, "protocol": "all", "time": { "starttime": "09:00:00", "stoptime": "09:01:00", "weekdays": "Mon,Tue" } } } } } } } # Above custom rule disables internet access for a certain macadress at mondays and tuesdays between two different times. One between 20:25 to 20:33 at monday and tuesdays and one at 09:00 to 09:01 at mondays and tuesdays. 4. You can check your code in a json validator like https://jsonlint.com/ . If any error the next step will fail. 5. In your controller go to Devices and choose your USG. Than choose config in the right menu and than "Force provision". 6. You can validate your custom rules by ssh in to your USG with Putty. Execute mca-ctrl -t dump-cfg ("less than"- sign. YT doesn´t allow that sign" ) configshow.txt . You will se it in the video. 7. With WinSCP log in to your USG and there you will find your file you made above. Validate that your custom rules are applied. Unifi KB https://help.ui.com/hc/en-us/articles/215458888-UniFi-USG-Advanced-Configuration-Using-config-gateway-json?fbclid=IwAR36fvRBbptypqmO6hTMHyx7R0kk6_BAh2EZagNbSFPrnzx_E4bBv2qFyD0
For USG create blocking mac addresses timebased. Added text info a year later. Step by step. The rules in below steps are a bit changed since the video. It´s now added a rule to stop internetaccess at two times. 1. Log in to your Controller with WinSCP 2. Find usr\lib\unifi\data\sites\"siteID" (SiteID can be found in the addressbar when accessing the controller from your browser. Sse https://help.ubnt.com/hc/en-us/articles/215458888-UniFi-USG-Advanced-Configuration) 3. create a new file within WinSCP and name it config.gateway.json. 4. Edit above file and add your custom rules. In my example: { "firewall": { "name": { "WAN_OUT": { "default-action": "accept", "description": "packets to internet", "rule": { "2000": { "action": "drop", "description": "ParentalGroupFirewall", "log": "enable", "source": { "mac-address": "00:15:5d:44:44:1c" }, "protocol": "all", "time": { "starttime": "20:25:00", "stoptime": "20:33:00", "weekdays": "Mon,Tue" } }, "2001": { "action": "drop", "description": "ParentalGroupFirewall2", "log": "enable", "source": { "mac-address": "00:15:5d:44:44:1c" }, "protocol": "all", "time": { "starttime": "09:00:00", "stoptime": "09:01:00", "weekdays": "Mon,Tue" } } } } } } } # Above custom rule disables internet access for a certain macadress at mondays and tuesdays between two different times. One between 20:25 to 20:33 at monday and tuesdays and one at 09:00 to 09:01 at mondays and tuesdays. 4. You can check your code in a json validator like https://jsonlint.com/ . If any error the next step will fail. 5. In your controller go to Devices and choose your USG. Than choose config in the right menu and than "Force provision". 6. You can validate your custom rules by ssh in to your USG with Putty. Execute mca-ctrl -t dump-cfg ("less than"- sign. YT doesn´t allow that sign" ) configshow.txt . You will se it in the video. 7. With WinSCP log in to your USG and there you will find your file you made above. Validate that your custom rules are applied. Unifi KB https://help.ui.com/hc/en-us/articles/215458888-UniFi-USG-Advanced-Configuration-Using-config-gateway-json?fbclid=IwAR36fvRBbptypqmO6hTMHyx7R0kk6_BAh2EZagNbSFPrnzx_E4bBv2qFyD0