發表文章

目前顯示的是 十二月 2, 2012的文章

RouterOS平台下Hotspot設置

terminal routeros
改變www服務端口為8081: /ip service set www port=8081
/ip service set hotspot port=80
Setup hotspot profile to mark authenticated users with flow name "hs-auth":
/ip hotspot profile set default mark-flow="hs-auth" login-method=enabled-address
/ip hotspot user add name=user1 password=1
重定向所有未授權用戶的tcp請求到hotspot服務
/ip firewall dst-nat add in-interface="ether2" flow="!hs-auth" protocol=tcp action=redirect
to-dst-port=80 comment=" redirect unauthorized clients to hotspot service"
允許dns請求、icmp ping ;拒絕其他未經認證的所有請求:
/ip firewall add name=hotspot-temp comment="limit unauthorized hotspot clients"
jump-target=hotspot-temp comment="limit access for unauthorized hotspot clients"
action=accept comment="accept requests for hotspot servlet"
action=accept comment="accept requests for local DHCP server"
jump-target=hotspot-temp comment="limit access for unauthorized hotspot clients"
comment="return if con…