Hello Everybody,
One of my hotspot users seems to be using NetCut; to take the whole internet bandwidth to him or herself.
How can I detect him/her??? and how can I stop it from the router configuration?
I need urgent help here.
Thanks
Hope things are going well.
Sadly we do not know how your hotspot is setup - SO it is a bit difficult to give you a clear answer.
Andrew COX wrote a decent script for making sure users are limited to specific bandwidth settings.
So might want to try this (of course edit to your needs) Andrew’s is part of a small group of whom’s blog has some really great postings - http://www.mikrotik-routeros.com
In this example you can see that, if a user purchased a $30 package (credit-price=30000) they would be assigned a rate limit of 512k/128k, whereas a $90 purchase would get a 2M/128k limit.
#Script to add rate limit's to newly created user-manager accounts.
#Written by Andrew Cox | Omega-00 | http://www.mikrotik-routeros.com
:local counter
:local check
#Loop through all users in user-manager
:foreach counter in=[/tool user-manager user find] do={
#Check to see if comment contains "RLA" (short for 'rate limit added'). If it doesn't, this account hasn't had a rate limit set yet.
#We only check the first 3 characters, this means you can continue to use the comment field for whatever you like so long as you leave the 'RLA' untouched (if present)
:set check [:pick [/tool user-manager user get $counter value=comment] 0 3]
:if ($check="RLA") do={
#Has RLA, rate limit is already set so ignore
} else={
#Doesn't have RLA Set rate-limit based on initial purchase pricing
:if ([/tool user-manager user get $counter credit-price] ="30000") do={/tool user-manager user set $counter rate-limit="512k/128k" comment="RLA"}
:if ([/tool user-manager user get $counter credit-price] ="60000") do={/tool user-manager user set $counter rate-limit="1M/128k" comment="RLA"}
:if ([/tool user-manager user get $counter credit-price] ="90000") do={/tool user-manager user set $counter rate-limit="2M/128k" comment="RLA"}
} }
This is not something the MikroTik router can do, this is something you need to have setup on your layer2 network to prevent it from happening. Changing someone’s MAC address is trivial, and there is no security that was built into that system. If a device can see another device over the layer2 network, it can change it’s MAC address to match the other device and start intercepting those packets. Devices that are on the same layer2 segment of a network need not use a router to communicate to each other, that is the way networking was designed and works. Use port isolation on switches, and use client isolation on your access points.