need urgent help and will pay for it now to block all websites expect one

RouterOS General
1

The mikrotik router hotspot login page has been redesigned to be a form rather than username and password.Once you click login, the mail script in the login page sends form elements/parameters to a specified email address. This then redirects to the status page.

Now, from the status page, you should be able to browse just one website only.

So i setup IP webproxy and allowed just that site alone and then used a wildcard to deny all other sites.

The issue:

The deny blocks the mail script in the login.html page and does not re-direct to status page,so no user is able to login.

Help

2

Hi , there is many features in firewall , you can play with that features to find it and exclude your page

3

which page you need to allow??

4

I need to re-direct all http/https traffic to just one website which is allowed on the hotspot so no matter the website you type, it re-directs you to just one.

I have setup proxy to block several sites but this is just cumbersome and have setup filter and NAT rules but this doesn’t do the trick either.

I setup a dst path wild card * in proxy to deny all http request and allow the website i want.This works but the issue i now have is that the post mail script which sends the form data on the hotspot login page to the mail server gets blocked :

when this is blocked, user does not get authenticated and nothing works.

So i figured out that rather than blocking sites, why don’t i just do something like a permanent re-direct to just that website.

is this possible?

Thanks

5

Setup hotspot
remove all stuff you put in walled garden
add http://xxxx.xxxxxxx.com/ in your walled garden


So, all (http) sites will be redirected to local rlogin.html page, which leads to http://xxxx.xxxxxxx.com/send.php, which is allowed. Problem should be solved.

6

I have done this already.its does not work

7

then post your hotspot config
/ip hotspot export

and the content of the file rlogin.html

8

/ip hotspot profile
set [ find default=yes ] dns-name=“” hotspot-address=0.0.0.0 html-directory=
hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=
cookie,http-chap name=default rate-limit=“” smtp-server=0.0.0.0
split-user-domain=no use-radius=no
add dns-name=“” hotspot-address=192.168.145.1 html-directory=xxxxxxxxx…
http-proxy=0.0.0.0:0 login-by=http-chap,http-pap name=hsprof1 rate-limit=“”
smtp-server=0.0.0.0 split-user-domain=no use-radius=no
/ip hotspot
add address-pool=hs-pool-6 addresses-per-mac=1 disabled=no idle-timeout=1m
interface=bridge1 keepalive-timeout=none name=HOTPROF profile=hsprof1
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m name=default
shared-users=1 status-autorefresh=1m transparent-proxy=no
add address-pool=hs-pool-6 advertise=no idle-timeout=none keepalive-timeout=2m
name=45out open-status-page=always session-timeout=45m shared-users=50
status-autorefresh=1m transparent-proxy=yes
/ip hotspot service-port
set ftp disabled=no ports=21
/ip hotspot user
add disabled=no name=admin password=“” profile=default
add disabled=no name=guest password=123guest profile=45out
/ip hotspot walled-garden
add action=allow disabled=no dst-host=XXX.XXXXXX.com dst-port=


RLOGIN.HTML

$(if http-status == 302)Hotspot login required$(endif)
$(if http-header == “Location”)$(link-redirect)$(endif)

...
9

so where did you put the

part ?

It should be somewhere in the rlogin.html /


And anyway, if you just want to give access to 1 website, replace rlogin.html by this

<html>
  <head>
    <title>Please wait</title>
  </head>

  <body onload='connexion.submit()'>
    <div align='center'>
      <h2>Please wait</h2>
    </div>

    <form name='connexion' action='http://xxx.xxxx.com/' method='get'>   </form>
 

  </body>
</html>