smile787
发表于 2004-9-10 12:42:25
/ ip firewall filter add chain=output out-interface=lan protocol=tcp src-port=80 action=jump \ jump-target=hotspot comment="account traffic from hotspot servlet to \ hotspot clients" disabled=no add chain=input in-interface=lan protocol=tcp dst-port=80 action=jump \ jump-target=hotspot comment="account traffic from hotspot clients to \ hotspot servlet" disabled=no add chain=input in-interface=lan protocol=tcp dst-port=80 action=accept \ comment="accept requests for hotspot servlet" disabled=no add chain=input in-interface=lan protocol=udp dst-port=67 action=accept \ comment="accept requests for local DHCP server" disabled=no add chain=input in-interface=lan action=jump jump-target=hotspot-temp \ comment="limit access for unauthorized hotspot clients" disabled=no add chain=forward in-interface=lan action=jump jump-target=hotspot-temp \ comment="limit access for unauthorized hotspot clients" disabled=no add chain=forward action=jump jump-target=hotspot comment="account traffic \ for authorized hotspot clients" disabled=no add chain=hotspot-temp flow=hs-auth action=return comment="return, if \ connection is authorized" disabled=no add chain=hotspot-temp protocol=icmp action=return comment="allow ping \ requests" disabled=no add chain=hotspot-temp protocol=udp dst-port=53 action=return comment="allow \ dns requests" disabled=no add chain=hotspot-temp action=reject comment="reject access for unauthorized \ hotspot clients" disabled=no/ ip firewall nat add chain=dstnat protocol=udp dst-port=53 action=redirect to-ports=0-65535 \ comment="intercept all DNS requests" disabled=no add chain=dstnat in-interface=lan protocol=tcp flow=!hs-auth action=redirect to-ports=80 \ comment="redirect unauthorized hotspot clients to hotspot service" disabled=no add chain=dstnat in-interface=lan protocol=tcp dst-port=80 action=redirect to-ports=80 \ comment="transparent HTTP proxy for hotspot clients" disabled=no/ ip hotspot set use-ssl=no hotspot-address=192.168.0.1 dns-name="hot" status-autorefresh=00:01:00 \ universal-proxy=yes parent-proxy=0.0.0.0:0 auth-requires-mac=yes auth-mac=no \ auth-mac-password=no auth-http-cookie=no http-cookie-lifetime=1d00:00:00 \ allow-unencrypted-passwords=no login-mac-universal=no split-user-domain=no / ip hotspot profile set default name="default" shared-users=1 mark-flow="hs-auth" login-method=enabled-address \ keepalive-timeout=00:02:00 / ip hotspot user add name="smile" password="smile" profile=default comment="" disabled=no
smile787
发表于 2004-9-10 12:47:31
发错版了,斑竹帮忙专专。。
abin
发表于 2004-9-12 00:50:50
首先对routerOS已经不熟悉了,再来英文的设置方法,晕头了。。。哪位大大能给我们这些小虾转个中文的设置先。。。。??先谢过了!!!
anoy
发表于 2004-9-13 14:36:38
QUOTE (abin @ Sep 12 2004, 12:50 AM)
首先对routerOS已经不熟悉了,再来英文的设置方法,晕头了。。。哪位大大能给我们这些小虾转个中文的设置先。。。。??先谢过了!!!
这些已经都是命令了 没有任何注释 这怎么转中文啊
毛仁友
发表于 2005-10-4 23:06:00
用winbox对照一下就OK啦。注意红色字。
都市牧牛
发表于 2005-10-5 10:40:21
其实可以通过向导来做 就不用一条一条 写规则了
legou
发表于 2005-10-6 16:11:12
偶是菜菜
发表于 2005-10-9 08:30:22
Routeros2.9.2的 HOTspot 向导(setup)是怎么用的?
lsdeng
发表于 2006-3-23 10:33:08
里面少了"hs-auth"的添加它的规则是?
里面少了"hs-auth"的添加它的规则是?麻烦提供 谢谢
lsdeng
发表于 2006-3-23 10:49:24
2.9的里面怎么找不到"flow"项呢
2.9的里面怎么找不到"flow"项呢
jazzmouse
发表于 2006-4-10 14:15:55
等我给大家做个winbox操作的视频版就明白了
页:
[1]