Payment reminder page showing once every month on the 28th

RouterOS General
1

Hello,

I’m using monthend and oversight to make a script run on the 28th of every month but I’m having a bit of trouble figuring out how I should go about this.


My idea is = on the 28th of each month, the user is sent to a page reminding them to pay their bill (via dst-nat to router proxy port 8081 which redirects internally)

The problem is, once they get the message once.. I don’t want them to see it again until the next 28th day of the month.

When I use dst-nat, I can’t mark them to an address list.. I added the rule after it and it wouldn’t mark them since they had already been
routing.. I’m assuming.

Here’s some of my rules.

 0   ;;; Masquerade the NAT (required)
     chain=srcnat action=masquerade src-address=10.0.0.0/8 

 1 X ;;; reminderscript
     chain=dstnat action=dst-nat to-ports=8081 protocol=tcp 
     src-address-type="" src-address-list=!bill-reminder-list dst-port=80 

 2   ;;; Send all 'OFF' SEI customers to the router proxy to tell them that they are turned off until the bill is paid.
     chain=dstnat action=dst-nat to-ports=8080 protocol=tcp 
     src-address-list=off dst-port=80

#2 is for customers we’ve turned off, they are blocked all port access/etc. Dead traffic basically except for that page.

#1 is the reminder.. I need a way to mark them in a list though, so they aren’t bugged more than once.

Any ideas on how to do that?
Thanks in advance.

2

http://wiki.mikrotik.com/wiki/Payment_Reminders

Keep in mind that that there is no fool proof way to decide whether or not they saw the reminder. The program getting redirected could have been their Windows 7 desktop widget showing the weather in Cancun.

3

Would it be possible to add a link on the page

[click here to continue browsing]

That would add them to an address list?

Perhaps a form that submits data to the mikrotik through the API?

That would be a surefire way to make sure that they saw it, if it’s possible.

4

That’s definitely feasible, but not something I can write for you. It’d be quite a project.

One thing you could do - but it’s a bit of an ugly hack - is have that link go to some unused private address that a client would never go to, and use firewall mangle to recognize that, add the client to that exempt address list and redirect the client one more time saying “Thanks for confirming the reminder”. As in, have the “Click here to confirm” link go to http://192.168.255.254/whatever.html, and intercept that request, add to the address list, and show a “Thanks for reading this” page instead.

Something along the lines of:

/ip firewall mangle
add chain=prerouting connection-state=new src-address-list=payment_reminder protocol=tcp dst-port=80 dst-address=192.168.255.254 action=mark-connection new-connection-mark=has_confirmed_payment_reminder passthrough=no comment="run on 28th"
add chain=prerouting connection-state=new src-address-list=payment_reminder protocol=tcp dst-port=80 action=mark-connection new-connection-mark=potential_payment_reminder passthrough=yes comment="run on 28th"
add chain=prerouting connection-mark=potential_payment_reminder src-address-list=!has_confirmed_reminder action=mark-connection new-connection-mark=payment_reminder comment="run on 28th"
/ip firewall nat
add chain=dstnat connection-mark=payment_reminder action=redirect to-ports=8080
add chain=dstnat connection-mark=has_confirmed_payment_reminder action=redirect to-ports-8081
/ip firewall filter
add chain=input connection-mark=has_confirmed_payment_reminder action=add-src-to-address-list address-list=has_confirmed_reminder address-list-timeout=24h:00:00 passthrough=yes

The proxy configuration:

/ip proxy set port=8080,8081
/ip proxy access
add action=allow local-port=8080 disabled=no dst-address=[IP of server that hosts reminder]
add action=deny local-port=8080 disabled=no redirect-to="http://my.server.com/payment-reminder.html"
add action=allow local-port=8081 disabled=no dst-address=[IP of server that hosts thank you page]
add action=deny local-port=8081 disabled=no redirect-to="http://my.server.com/thank-you.html"

And a script scheduled to run on the 28th:

/ip firewall mangle enable [/ip firewall mangle find comment="run on 28th"

And a script scheduled to run on the 29th:

/ip firewall mangle disable [/ip firewall mangle find comment="run on 29th"
5

I’ve actually came up with a good idea :slight_smile:

I’m redirecting them to a page which then has a link to another php script which uses the telnet php script on the wiki to pass a command which adds them to an address list.

The problem I run into now is I’d like to send them to their original page (or link to it) but I’m trying to figure out how to get that information as the router isn’t passing along an HTTP_REFERER.. still looking.

Would there be a way to make mikrotik redirect in the proxy to something like this?

http://10.10.1.11:85/billpay.php?referer=http://www.facebook.com

Anyway to add that in there?

6

As far as I know - and I did look at one point - it is impossible to determine what the originally requested page was when using the proxy with a redirect action.

7

A very very simple way of doing this. maybe not the best and maybe you dont have your network setup in a way that this could be used is.

set up hotspot on the router that they are connected to and then edit the page for it to be a reminder with no where to put a password or username but leave the click here for a free trial option only change the name to click here to continue using the service.

Setup the hotspot profile for login with cookie, set cookie life to 24hours set free trial to 24 hours and set reset cycle to 2 days or so.

the write a script that activates the hotspot server at midnight on the 27th and deactivates it 24 hours later.


so people will get the message and will be able to log on and use internet. if they quit using it and then need to use it again before the 24 hours are up they will see the page again or log on with cookie. one or another.

i am sure there are better ways of doing it but this is what came to my mind

8

Hm… yeah, a hotspot really doesn’t suffice, but it’s a good try.

They can just click the link and put their web browser http request in again, it was just a convenience thing.

Thanks all.

9

actually if they say went to yahoo.com and the hotspot page popped up, after they hit the but to continue browsing it redirects them to yahoo.com they dont have to retype anything in.