wsb2008 发表于 2010-7-15 01:13:08

楼主,你的这个有没有FTP功能,按时,把认证里面的用户上传到ROS里面

myfriends 发表于 2010-7-15 10:43:33

确实不错 不知道作为pptp 也就是vpn账号 能不能认证啊

jykgcx 发表于 2010-7-15 11:02:59

在XP系统下可以用吗?

sunny7688 发表于 2010-7-15 15:10:38

认证系统,支持XP,win2003的版本,绿色安装,方便简单安装

ccxxzz 发表于 2010-7-15 15:41:39

呵呵,如何扩展,大家看下WEB目录下的数据库,是标准的ACCESS,大家可通过自己写ASP,ASPX,扩充计费充值系统的!

ccxxzz 发表于 2010-7-15 16:02:12

扩充计费充值系统,利用WEB目录下的数据库,一个大型好看的系统,不就存在了吗>?

jykgcx 发表于 2010-7-15 16:37:17

对ROS的版本有要求吗?

ccxxzz 发表于 2010-7-15 17:52:44

本帖最后由 ccxxzz 于 2010-7-15 17:55 编辑

ROS的扩展协议申明是这样说的:
# MikroTik reference dictionary
# Copyright (C) 2003-2006 MikroTikls, SIA
#
# You may freely redistribute and use this software or any part of it in source
# and/or binary forms, with or without modification for any purposes without
# limitations, provided that you respect the following statement:
#
# This software is provided 'AS IS' without a warranty of any kind, expressed or
# implied, including, but not limited to, the implied warranty of
# merchantability and fitness for a particular purpose. In no event shall
# MikroTikls SIA be liable for direct or indirect, incidental, consequential or
# other damages that may result from the use of this software, including, but
# not limited to, loss of data or profits.
#
# Version $Id: dictionary,v 2.1 2006/08/17 16:44:51 lastguru Exp $
#
# This dictionary is the minimal dictionary, which is enough to support all
# features of MikroTik RouterOS. You should use only this dictionary without the
# standard RADIUS dictionary files. It is designed for FreeRADIUS, but may also
# be used with many other UNIX RADIUS servers (eg. XTRadius).
#
# Note that it may conflict with the default configuration files of RADIUS
# server, which have references to the Attributes, absent in this dictionary.
# Please correct the configuration files, not the dictionary, as no other


所以从2003年后的ROS所有产品肯定尊从这个原则的!

tangdong 发表于 2010-7-15 20:07:22

始终感觉用IP来限速没有直接在拨号接口上限速好,可不可以账号绑定服务名来达到下发带宽的目的,不同的账号下发不同的服务名,只是提个小建议而已!

ccxxzz 发表于 2010-7-16 08:47:16

本帖最后由 ccxxzz 于 2010-7-16 09:29 编辑

是可以的,绑定到拨号服务器,那就需要一个ROS服务器上建4个拨号服务器.用帐号限速、PPPOE服务器限速,感觉总少点什么。我之所以用地址池,留给大家做ROS的小包优先、智能限速度,更加方便些.软件更新为10分钟过期踢人,过期地址池补上,WEB会马上着手处理!方便用户自行充值!新的下载地址:
mikro给的解释是:

Rate limits
User has field rate-limit. This field is available straight in the console, but is divided in several fields in web-interface, to ease the input process. For more detailed description about the meaning of these fields see Mikrotik HotSpot User AAA documentation, HotSpot User Profiles, Property description, rate-limit.

ccxxzz 发表于 2010-7-16 09:09:09

本帖最后由 ccxxzz 于 2010-7-16 12:28 编辑

外国佬论坛的这些可做我们的参考,也就是为什么做IP地址池限制速度的原因吧:

Hi all,

I have mikrotik ver. 4.4. I am using pppoe server + radius(freeradius). Radius set Mikrotik-Rate-Limit for client.
And i want to know, can i set for client pppoe, diffrent Mikrotik-Rate-Limit to diffrent route, for example:

route 10.0.2.0/24 : Mikrotik-Rate-Limit -> unlim
route other : Mikrotik-Rate-Limit -> radius set
====
Im looking for this to, so that my local part of the network get higher speed. use pppoe rate on out from our network.
=========
I also have a question on this. Does the rate limit apply to the session as a group or to the users of the session?

i.e. set a 50 meg limit and this 50 meg applies to all 10 ppp users, 10 users get 50 meg or... is it 50 meg per user?

regards
CM
=======================
queue with 'Rate' parameters is created dynamically for each connected user, not for the group of users

_________________
For every complex problem, there is a solution that is simple, neat, and wrong.

¡ɹǝ|nɹ SOɹǝʇnoɹ ʞıʇoɹʞıW ɯ‚|

MikroTik. Your life. Your routing.
===================
What would the easiest way be to rate limit the group/profile?

Regards
R
==============
那外国贴子的地址:http://forum.mikrotik.com/viewtopic.php?f=2&t=38859
一个外国佬做的1M限速,基于IP地址池方式,如果你做,需要修改一下其中参数的:
==============================================================
/ip firewall address-list
   add address=62.140.31.0/24 list=RapidShare
   add address=62.153.244.0/24 list=RapidShare
   add address=62.67.46.0/24 list=RapidShare
   add address=62.67.50.0/24 list=RapidShare
   add address=62.67.57.0/24 list=RapidShare
   add address=64.211.146.0/24 list=RapidShare
   add address=64.214.225.0/24 list=RapidShare
   add address=64.215.245.0/24 list=RapidShare
   add address=80.152.62.0/24 list=RapidShare
   add address=80.231.128.0/24 list=RapidShare
   add address=80.231.24.0/24 list=RapidShare
   add address=80.231.41.0/24 list=RapidShare
   add address=80.231.56.0/24 list=RapidShare
   add address=80.239.137.0/24 list=RapidShare
   add address=80.239.151.0/24 list=RapidShare
   add address=80.239.152.0/24 list=RapidShare
   add address=80.239.159.0/24 list=RapidShare
   add address=80.239.226.0/24 list=RapidShare
   add address=80.239.236.0/24 list=RapidShare
   add address=80.239.239.0/24 list=RapidShare
   add address=82.129.33.0/24 list=RapidShare
   add address=82.129.35.0/24 list=RapidShare
   add address=82.129.36.0/24 list=RapidShare
   add address=82.129.39.0/24 list=RapidShare
   add address=195.122.131.0/24 list=RapidShare
   add address=195.122.149.0/24 list=RapidShare
   add address=195.122.151.0/24 list=RapidShare
   add address=195.122.152.0/24 list=RapidShare
   add address=195.122.153.0/24 list=RapidShare
   add address=195.219.1.0/24 list=RapidShare
   add address=206.57.14.0/24 list=RapidShare
   add address=207.138.168.0/24 list=RapidShare
   add address=208.48.186.0/24 list=RapidShare
   add address=212.162.2.0/24 list=RapidShare
   add address=212.162.63.0/24 list=RapidShare
   add address=217.243.210.0/24 list=RapidShare
===========================================================================
BTW: It was a quick and dirty awk hack with /24 only, but 195.122.152.0 could be added as /23 as well!


Now let's mark all traffic that matches the address list
===========================================================================
   /ip firewall mangle
   add action=mark-connection chain=prerouting comment="Entire Traffic" \
   disabled=no new-connection-mark="Entire Traffic" \
   passthrough=yes
   add action=mark-connection chain=prerouting \
   comment="RapidShare Connections" connection-mark="Entire Traffic" \
   disabled=no new-connection-mark="RapidShare Connections" \
   passthrough=yes src-address-list=RapidShare
   add action=mark-packet chain=prerouting comment="RapidShare Traffic" \
   connection-mark="RapidShare Connections" disabled=no \
   new-packet-mark="RapidShare Traffic" passthrough=no

===================================================================
This is the interessting part: Limit 'em *G* (in this case it's 1M)
===================================================================
   /queue simple
   add comment="RapidShare" direction=both disabled=no \
   dst-address=0.0.0.0/0 interface=all limit-at=1000000/1000000 \
   max-limit=1000000/1000000 name="RapidShare" \
   packet-marks="RapidShare Traffic" parent=none priority=8 \
   queue=default-small/default-small total-queue=default-small
===================================================================

seignior 发表于 2010-7-16 09:15:54

我之前也折腾过,看那几个RFC看得头都晕了,勉强弄了个模型,后来卡在某个算法上,就停手了,等我看看我当时卡在那里了再请教楼主。

ccxxzz 发表于 2010-7-16 09:23:40

把模型或者框架传给我,我参考看看,能否用到我的软件界面里面去!

权威 发表于 2010-7-16 18:04:05

我在使用你的东东后发现一个问题-----拨号连接上后马上断开。是不是我通过PANABIT网桥连接到ROS的原因?

tangdong 发表于 2010-7-16 19:48:48

是可以的,绑定到拨号服务器,那就需要一个ROS服务器上建4个拨号服务器.用帐号限速、PPPOE服务器限速,感觉总 ...
ccxxzz 发表于 2010-7-16 08:47 http://bbs.routerclub.com/images/common/back.gif


    用服务名来还有个好处,可以做到区域的划分,比如两个地点,分别两块网卡来做,服务名不一样,帐号又是和服务名捆绑的,就可以做到一个区域的账号只能在自己的区域使用
页: 1 [2] 3 4 5 6 7 8 9 10 11
查看完整版本: 自己做的认证管理系统