Hi there
We have been running RouterOS 4.16 and the main purpose of our system is to run a hotspot where people need to authenticate before they can use any service.
At some point I deleted all Firewall/NAT rules. When I looked through the manual I found some hints and added the rules below, but I am still unsure if this is the 'factory default' setting. Any advice highly appreciated!
0 chain=forward action=jump jump-target=hs-unauth hotspot=from-client,!auth
1 chain=forward action=jump jump-target=hs-unauth-to hotspot=to-client,!auth
2 chain=input action=jump jump-target=hs-input hotspot=from-client
3 I chain=hs-input action=jump jump-target=pre-hs-input
4 chain=hs-input action=accept protocol=udp dst-port=64872
5 chain=hs-input action=accept protocol=tcp dst-port=64872-64875
6 chain=hs-input action=jump jump-target=hs-unauth hotspot=!auth
7 chain=hs-unauth action=return protocol=icmp
8 chain=hs-unauth action=reject reject-with=tcp-reset protocol=tcp
9 chain=hs-unauth action=reject reject-with=icmp-net-prohibited
10 chain=hs-unauth-to action=return protocol=icmp
11 chain=hs-unauth-to action=reject reject-with=icmp-host-prohibited
Cheers
Danny