Hello everyone !!!
I’m using hostpot with radius server. All works fine… but a little problem is that: if any user use local resources It is counted as internet traffic and as a result his data limit quickly exceed. Is it possible to split local traffic from internet traffic???
You can walledgarden local network
THanks for reply!!
i tried it but without success…
i want that users can access local resources only after authentification. Therefore i added every authentificated user ip to “Walled Garden IP List” using hotspot->user profile->scripts->on login:
/ip hotspot walled-garden ip
add action=accept disabled=no server=hotspot1 src-address=$address dst-address=192.168.7.0/24
$address - authentificated user ip address
But this not work… May be i do something wrong…
You cannot do this easily. Once a host is placed in “auth’d” mode, all its traffic is accounted for and passed to RADIUS for accounting (if that’s what you use).
One solution I tested and worked, but ended up not implementing, was to use Traffic Flow, with an nfacctd listener which filtered traffic to/from the local network and removed it from a user’s data usage. It did the checks based on what was live in the RADONLINE table & the traffic updates that happened once a minute.
This did not cure the user from being cut off by Hotspot after X MB are used, but at least he could log back in and keep using his remaining data.
nfacctd: http://wiki.pmacct.net/OfficialExamples
Make sure you update to 6.33+ as it introduced Traffic Flow fixes which send extra information (v9 only), accounting for NAT & showing you the real client IP address.