Help: Script to redirect traffic from a RB411

hello,

My family runs a small WISP and we are interested in redirecting all traffic flowing through a specific RB 411 (the boards we mostly install for customers) to a specific webpage. We want to do this primarily for "cutting off"customers who have not paid their bill.

Our basic desire is to be able to remotely log into a customer and enable a script to control such a system.

even more ideally we’d like to have a script running that once a month (say the 5th of the month) checks a specific file and if the customer’s IP address (or other identifying number, could be customized per customer) appears in the “block” section of that file, redirects all traffic to a “you haven’t paid your bill” page.

Any help would be appreciated, I am the second generation in this business and have just been unleashed on mikrotik systems in order to solve some of our nagging problems.

thanks,

Richard

http://wiki.mikrotik.com/wiki/Payment_Reminders

That’s the network side of things. To automate this look up the API on the wiki. Since your username has “programmer” in it you may be able to use that to come up with a program that checks your data source and uses the API to remoter enable/disable the NAT rule that triggers the redirect. If not maybe someone else can help with that portion.

Thanks, that script should be very helpful. I was looking for something similar but never came upon that.

Any additional help with automating it would be appreciated. I am a complete newbie to Mikrotik Scripting but not coding so I’m learning on the fly here.

Any good resources and beginners tutorials would also be appreciated, I’ve been following Google results thusfar.

Richard

There isn’t really much to script on the RouterOS side.

Let’s assume that this is your entire RouterOS configuration for this, which is taken straight from the wiki page I linked to, with comments added:

/ip firewall nat
add chain=dstnat protocol=tcp dst-port=80 action=redirect to-ports=8080 src-address-list=payment_reminder comment="payment reminder"
/ip firewall filter
add chain=forward src-address-list=payment_reminder protocol=udp dst-port=53 action=accept comment="payment reminder"
add chain=forward dst-address-list=payment_reminder protocol=udp src-port=53 action=accept comment="payment reminder"
add chain=forward src-address-list=payment_reminder action=drop comment="payment reminder"
/ip proxy set enabled=yes
/ip proxy access
add action=allow disabled=no dst-address=[IP of server that hosts reminder]
add action=deny disabled=no redirect-to="http://my.server.com/payment-reminder.html"

You’d need exactly two lines to disable these:

/ip firewall filter { disable [find comment="payment reminder"] };
/ip firewall nat { disable [find comment="payment reminder"] };

And these two to enable them:

/ip firewall filter { enable [find comment="payment reminder"] };
/ip firewall nat { enable [find comment="payment reminder"] };

That’s it. The wiki manual for the API is here: http://wiki.mikrotik.com/wiki/Manual:API. That includes examples in many languages, and examples on how to translate a console command like the disable/enable ones above into API commands. From there it’s all up to whatever front end you write - somehow you write a program that determines who should get cut off or re-enabled, and how to reach their router. Then you use the API to run the enable set of commands, or the disable set of commands.

Hello again,

I have been chewing on this problem for a while now and really do not have much of a clue how to go forward. The syntax of the scripting language alone confuses me.

Does anyone know a good beginners guide to scripting? Mikrotik seems to be really behind in support for their products.

Richard

http://wiki.mikrotik.com/wiki/Scripting