关于hotspot2.9官方修正,麻烦帮修改一下!

lsdeng

/ ip firewall filter
add chain=output out-interface=lan protocol=tcp src-port=80 action=jump jump-target=hotspot comment="account traffic from

hotspot servlet to hotspot clients" disabled=no
add chain=input in-interface=lan protocol=tcp dst-port=80 action=jump jump-target=hotspot comment="account traffic from

hotspot clients to hotspot servlet" disabled=no
add chain=input in-interface=lan protocol=tcp dst-port=80 action=accept comment="accept requests for hotspot servlet"

disabled=no
add chain=input in-interface=lan protocol=udp dst-port=67 action=accept comment="accept requests for local DHCP server"

disabled=no
add chain=input in-interface=lan action=jump jump-target=hotspot-temp comment="limit access for unauthorized hotspot clients"

disabled=no
add chain=forward in-interface=lan action=jump jump-target=hotspot-temp comment="limit access for unauthorized hotspot

clients" disabled=no
add chain=forward action=jump jump-target=hotspot comment="account traffic for authorized hotspot clients" disabled=no
错误add chain=hotspot-temp flow=hs-auth action=return comment="return, if connection is authorized" disabled=no
add chain=hotspot-temp protocol=icmp action=return comment="allow ping requests" disabled=no
add chain=hotspot-temp protocol=udp dst-port=53 action=return comment="allow dns requests" disabled=no
add chain=hotspot-temp action=reject comment="reject access for unauthorized hotspot clients" disabled=no

/ ip firewall nat
错误add chain=dstnat protocol=udp dst-port=53 action=redirect to-ports=0-65535 omment="intercept all DNS requests"

disabled=no
错误add chain=dstnat in-interface=lan protocol=tcp flow=!hs-auth action=redirect to-ports=80 comment="redirect unauthorized

hotspot clients to hotspot service" disabled=no
add chain=dstnat in-interface=lan protocol=tcp dst-port=80 action=redirect to-ports=80 comment="transparent HTTP proxy for

hotspot clients" disabled=no


/ ip hotspot
set use-ssl=no hotspot-address=192.168.0.1 dns-name="hot" status-autorefresh=00:01:00 universal-proxy=yes parent-

proxy=0.0.0.0:0 auth-requires-mac=yes auth-mac=no auth-mac-password=no auth-http-cookie=no http-cookie-lifetime=1d00:00:00

allow-unencrypted-passwords=no login-mac-universal=no split-user-domain=no
/ ip hotspot profile
set default name="default" shared-users=1 mark-flow="hs-auth" login-method=enabled-address keepalive-timeout=00:02:00
/ ip hotspot user
add name="smile" password="smile" profile=default comment="" disabled=no

lsdeng

第一个错误是因为没有添加"hs-auth",知道怎么添加但是里面的规则应该怎么样却不知道!高手说说^
第二个错误是因为没有找到"flow"项,2.8几的有但是到了2.9几没有发现!
第三个错误是因为第一个错误

bow

在mangle里添加和定义flow项

lsdeng

谢谢!
你弄过2.9几的Hotspot吗?可以提供一下设置规则吗?