Jump to content

Редирект на страницу авторизации Mikrotik ROS

Elmariachi
 Share

Recommended Posts

Elmariachi

Elmariachi

Posted
Posted (edited)

add name="z.lan" address=172.16.0.100 ttl=1d

/ ip traffic-flow

set enabled=no interfaces=all cache-entries=4k active-flow-timeout=30m inactive-flow-timeout=15s

/ ip address

add address=192.168.0.222/16 network=192.168.0.0 broadcast=192.168.255.255 interface=Z-lan1 comment="" disabled=no

add address=172.16.0.100/24 network=172.16.0.0 broadcast=172.16.255.255 interface=wlan1 comment="" disabled=no

/ ip proxy

set enabled=no port=8080 parent-proxy=0.0.0.0:0 maximal-client-connecions=1000 maximal-server-connectons=1000

/ ip proxy access

add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" disabled=no

/ ip neighbor discovery

set Z-lan1 discover=yes

set wlan1 discover=yes

/ ip route

add dst-address=0.0.0.0/0 pref-src=0.0.0.0 gateway=192.168.1.111,192.168.1.111,192.168.0.1,192.168.0.1,192.168.0.133 scope=255 \

target-scope=10 comment="" disabled=no

/ ip firewall nat

add chain=srcnat src-address=172.16.0.0/24 action=masquerade comment="masquerade hotspot network" disabled=no

add chain=dstnat protocol=tcp dst-port=53 action=redirect to-ports=64872 comment="hotspotredirect" disabled=no

add chain=hotspot protocol=tcp dst-port=53 action=redirect to-ports=64872 comment="" disabled=no

add chain=dstnat hotspot=from-client action=jump jump-target=hotspot comment="" disabled=no

add chain=hotspot protocol=tcp dst-port=80 hotspot=local-dst action=redirect to-ports=64873 comment="" disabled=no

add chain=hotspot protocol=tcp dst-port=443 hotspot=local-dst action=redirect to-ports=64875 comment="" disabled=no

add chain=hotspot protocol=tcp hotspot=!auth action=jump jump-target=hs-unauth comment="" disabled=no

add chain=hotspot protocol=tcp hotspot=auth action=jump jump-target=hs-auth comment="" disabled=no

add chain=hs-unauth protocol=tcp dst-port=80 action=redirect to-ports=64874 comment="" disabled=no

add chain=hs-unauth dst-address=172.16.0.100 protocol=tcp dst-port=80 action=return comment="" disabled=no

 

add chain=hs-unauth protocol=tcp dst-port=443 action=redirect to-ports=64875 comment="" disabled=no

add chain=hs-unauth protocol=tcp dst-port=25 action=jump jump-target=hs-smtp comment="" disabled=no

add chain=hs-auth protocol=tcp hotspot=http action=redirect to-ports=64874 comment="" disabled=no

add chain=hs-auth protocol=tcp dst-port=25 action=jump jump-target=hs-smtp comment="" disabled=no

add chain=forward hotspot=from-client,!auth action=jump jump-target=hs-unauth comment="" disabled=no

add chain=forward hotspot=to-client,!auth action=jump jump-target=hs-unauth-to comment="" disabled=no

add chain=input hotspot=from-client action=jump jump-target=hs-input comment="" disabled=no

add chain=hs-input protocol=udp dst-port=64872 action=accept comment="" disabled=no

add chain=hs-input protocol=tcp dst-port=64872-64875 action=accept comment="" disabled=no

add chain=hs-input hotspot=!auth action=jump jump-target=hs-unauth comment="" disabled=no

add chain=hs-unauth protocol=icmp action=return comment="" disabled=no

add chain=hs-unauth dst-address=172.16.0.100 protocol=tcp dst-port=80 action=return comment="" disabled=no

/ ip firewall connection tracking

set enabled=yes tcp-syn-sent-timeout=5s tcp-syn-received-timeout=5s tcp-established-timeout=1d tcp-fin-wait-timeout=10s \

tcp-close-wait-timeout=10s tcp-last-ack-timeout=10s tcp-time-wait-timeout=10s tcp-close-timeout=10s udp-timeout=10s \

udp-stream-timeout=3m icmp-timeout=10s generic-timeout=10m tcp-syncookie=no

/ ip firewall filter

/ ip firewall service-port

set ftp ports=21 disabled=no

set tftp ports=69 disabled=no

set irc ports=6667 disabled=no

set h323 disabled=yes

set quake3 disabled=no

set gre disabled=yes

set pptp disabled=yes

/ ip hotspot

add name="hotspot1" interface=wlan1 address-pool=pool1 profile=hsprof1 idle-timeout=5m keepalive-timeout=none addresses-per-mac=2 \

disabled=no

/ ip hotspot service-port

set ftp ports=21 disabled=no

/ ip hotspot profile

set default name="default" hotspot-address=0.0.0.0 dns-name="" html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0 \

smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d split-user-domain=no use-radius=no

add name="hsprof1" hotspot-address=172.16.0.100 dns-name="Z.lan" html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0 \

smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d split-user-domain=no use-radius=yes radius

 

Все равно редирект не работает на страницу авторизации у пользователей которые получили адрес по DHCP. Если вручную адрес набираешь, то страница открывается. Но надо чтоб автоматически. ПОМОГИТЕ !!!!!!!!

 

КАКИЕ ПРАВИАЛ ЕЩЕ ПРОПИСАТЬ ??? может что то удалить ???

Edited by Elmariachi

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...
На сайте используются файлы cookie и сервисы аналитики для корректной работы форума и улучшения качества обслуживания. Продолжая использовать сайт, вы соглашаетесь с использованием файлов cookie и с Политикой конфиденциальности.