Jump to content
Калькуляторы

Редирект на страницу авторизации Mikrotik ROS

add name="z.lan" address=172.16.0.100 ttl=1d

/ ip traffic-flow

set enabled=no interfaces=all cache-entries=4k active-flow-timeout=30m inactive-flow-timeout=15s

/ ip address

add address=192.168.0.222/16 network=192.168.0.0 broadcast=192.168.255.255 interface=Z-lan1 comment="" disabled=no

add address=172.16.0.100/24 network=172.16.0.0 broadcast=172.16.255.255 interface=wlan1 comment="" disabled=no

/ ip proxy

set enabled=no port=8080 parent-proxy=0.0.0.0:0 maximal-client-connecions=1000 maximal-server-connectons=1000

/ ip proxy access

add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" disabled=no

/ ip neighbor discovery

set Z-lan1 discover=yes

set wlan1 discover=yes

/ ip route

add dst-address=0.0.0.0/0 pref-src=0.0.0.0 gateway=192.168.1.111,192.168.1.111,192.168.0.1,192.168.0.1,192.168.0.133 scope=255 \

target-scope=10 comment="" disabled=no

/ ip firewall nat

add chain=srcnat src-address=172.16.0.0/24 action=masquerade comment="masquerade hotspot network" disabled=no

add chain=dstnat protocol=tcp dst-port=53 action=redirect to-ports=64872 comment="hotspotredirect" disabled=no

add chain=hotspot protocol=tcp dst-port=53 action=redirect to-ports=64872 comment="" disabled=no

add chain=dstnat hotspot=from-client action=jump jump-target=hotspot comment="" disabled=no

add chain=hotspot protocol=tcp dst-port=80 hotspot=local-dst action=redirect to-ports=64873 comment="" disabled=no

add chain=hotspot protocol=tcp dst-port=443 hotspot=local-dst action=redirect to-ports=64875 comment="" disabled=no

add chain=hotspot protocol=tcp hotspot=!auth action=jump jump-target=hs-unauth comment="" disabled=no

add chain=hotspot protocol=tcp hotspot=auth action=jump jump-target=hs-auth comment="" disabled=no

add chain=hs-unauth protocol=tcp dst-port=80 action=redirect to-ports=64874 comment="" disabled=no

add chain=hs-unauth dst-address=172.16.0.100 protocol=tcp dst-port=80 action=return comment="" disabled=no

 

add chain=hs-unauth protocol=tcp dst-port=443 action=redirect to-ports=64875 comment="" disabled=no

add chain=hs-unauth protocol=tcp dst-port=25 action=jump jump-target=hs-smtp comment="" disabled=no

add chain=hs-auth protocol=tcp hotspot=http action=redirect to-ports=64874 comment="" disabled=no

add chain=hs-auth protocol=tcp dst-port=25 action=jump jump-target=hs-smtp comment="" disabled=no

add chain=forward hotspot=from-client,!auth action=jump jump-target=hs-unauth comment="" disabled=no

add chain=forward hotspot=to-client,!auth action=jump jump-target=hs-unauth-to comment="" disabled=no

add chain=input hotspot=from-client action=jump jump-target=hs-input comment="" disabled=no

add chain=hs-input protocol=udp dst-port=64872 action=accept comment="" disabled=no

add chain=hs-input protocol=tcp dst-port=64872-64875 action=accept comment="" disabled=no

add chain=hs-input hotspot=!auth action=jump jump-target=hs-unauth comment="" disabled=no

add chain=hs-unauth protocol=icmp action=return comment="" disabled=no

add chain=hs-unauth dst-address=172.16.0.100 protocol=tcp dst-port=80 action=return comment="" disabled=no

/ ip firewall connection tracking

set enabled=yes tcp-syn-sent-timeout=5s tcp-syn-received-timeout=5s tcp-established-timeout=1d tcp-fin-wait-timeout=10s \

tcp-close-wait-timeout=10s tcp-last-ack-timeout=10s tcp-time-wait-timeout=10s tcp-close-timeout=10s udp-timeout=10s \

udp-stream-timeout=3m icmp-timeout=10s generic-timeout=10m tcp-syncookie=no

/ ip firewall filter

/ ip firewall service-port

set ftp ports=21 disabled=no

set tftp ports=69 disabled=no

set irc ports=6667 disabled=no

set h323 disabled=yes

set quake3 disabled=no

set gre disabled=yes

set pptp disabled=yes

/ ip hotspot

add name="hotspot1" interface=wlan1 address-pool=pool1 profile=hsprof1 idle-timeout=5m keepalive-timeout=none addresses-per-mac=2 \

disabled=no

/ ip hotspot service-port

set ftp ports=21 disabled=no

/ ip hotspot profile

set default name="default" hotspot-address=0.0.0.0 dns-name="" html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0 \

smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d split-user-domain=no use-radius=no

add name="hsprof1" hotspot-address=172.16.0.100 dns-name="Z.lan" html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0 \

smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d split-user-domain=no use-radius=yes radius

 

Все равно редирект не работает на страницу авторизации у пользователей которые получили адрес по DHCP. Если вручную адрес набираешь, то страница открывается. Но надо чтоб автоматически. ПОМОГИТЕ !!!!!!!!

 

КАКИЕ ПРАВИАЛ ЕЩЕ ПРОПИСАТЬ ??? может что то удалить ???

Edited by Elmariachi

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this