找回密码
 注册

QQ登录

只需一步,快速开始

搜索
查看: 4503|回复: 3

[Hotspot] 关于hotspot2.9官方修正,麻烦帮修改一下!

[复制链接]
发表于 2006-3-23 11:04:41 | 显示全部楼层 |阅读模式

马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。

您需要 登录 才可以下载或查看,没有账号?注册

×
/ ip firewall filter
add chain=output out-interface=lan protocol=tcp src-port=80 action=jump jump-target=hotspot comment="account traffic from

hotspot servlet to hotspot clients" disabled=no
add chain=input in-interface=lan protocol=tcp dst-port=80 action=jump jump-target=hotspot comment="account traffic from

hotspot clients to hotspot servlet" disabled=no
add chain=input in-interface=lan protocol=tcp dst-port=80 action=accept comment="accept requests for hotspot servlet"

disabled=no
add chain=input in-interface=lan protocol=udp dst-port=67 action=accept comment="accept requests for local DHCP server"

disabled=no
add chain=input in-interface=lan action=jump jump-target=hotspot-temp comment="limit access for unauthorized hotspot clients"

disabled=no
add chain=forward in-interface=lan action=jump jump-target=hotspot-temp comment="limit access for unauthorized hotspot

clients" disabled=no
add chain=forward action=jump jump-target=hotspot comment="account traffic for authorized hotspot clients" disabled=no
错误add chain=hotspot-temp flow=hs-auth action=return comment="return, if connection is authorized" disabled=no
add chain=hotspot-temp protocol=icmp action=return comment="allow ping requests" disabled=no
add chain=hotspot-temp protocol=udp dst-port=53 action=return comment="allow dns requests" disabled=no
add chain=hotspot-temp action=reject comment="reject access for unauthorized hotspot clients" disabled=no

/ ip firewall nat
错误add chain=dstnat protocol=udp dst-port=53 action=redirect to-ports=0-65535 omment="intercept all DNS requests"

disabled=no
错误add chain=dstnat in-interface=lan protocol=tcp flow=!hs-auth action=redirect to-ports=80 comment="redirect unauthorized

hotspot clients to hotspot service" disabled=no
add chain=dstnat in-interface=lan protocol=tcp dst-port=80 action=redirect to-ports=80 comment="transparent HTTP proxy for

hotspot clients" disabled=no


/ ip hotspot
set use-ssl=no hotspot-address=192.168.0.1 dns-name="hot" status-autorefresh=00:01:00 universal-proxy=yes parent-

proxy=0.0.0.0:0 auth-requires-mac=yes auth-mac=no auth-mac-password=no auth-http-cookie=no http-cookie-lifetime=1d00:00:00

allow-unencrypted-passwords=no login-mac-universal=no split-user-domain=no
/ ip hotspot profile
set default name="default" shared-users=1 mark-flow="hs-auth" login-method=enabled-address keepalive-timeout=00:02:00
/ ip hotspot user
add name="smile" password="smile" profile=default comment="" disabled=no
routeros
 楼主| 发表于 2006-3-23 11:13:20 | 显示全部楼层
第一个错误是因为没有添加"hs-auth",知道怎么添加但是里面的规则应该怎么样却不知道!高手说说^
第二个错误是因为没有找到"flow"项,2.8几的有但是到了2.9几没有发现!
第三个错误是因为第一个错误
routeros
回复

使用道具 举报

发表于 2006-3-23 11:21:38 | 显示全部楼层
在mangle里添加和定义flow项
routeros
回复

使用道具 举报

 楼主| 发表于 2006-3-23 11:30:47 | 显示全部楼层
谢谢!
你弄过2.9几的Hotspot吗?可以提供一下设置规则吗?
routeros
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 注册

本版积分规则

QQ|Archiver|手机版|小黑屋|软路由 ( 渝ICP备15001194号-1|渝公网安备 50011602500124号 )

GMT+8, 2024-11-18 12:30 , Processed in 0.045101 second(s), 4 queries , Gzip On, Redis On.

Powered by Discuz! X3.5 Licensed

© 2001-2024 Discuz! Team.

快速回复 返回顶部 返回列表