Script for blocking user

Rutzki · May 28, 2013, 12:41pm

Hi,

first and foremost i want to write a script which blocks one unique hotspot user. Next step should be, to enable and disable this script per scheduler.

this user should only be active 1 day a week, for example on tuesday from 07:00 till 23:00.

Any ideas?

boen_robot · May 28, 2013, 1:13pm

Do you want to disable the user from logging in, or let them log in, but have no internet connection?

If you’re OK with letting them log in, the easiest way is to set up a filter or nat rule. Condition it to match the user’s IP (which should be trivial if you’re specifying IPs explicitly per user), make it reject the connection, and (in Winbox - the Extra tab, Time section) set the time when the disabling has an effect.

If you want to also disable the user from logging in, you’ll have to use “/system scheduler”. With it, you’ll need two scripts per user - one to disable the user, and one to enable it when the disabling period ends. Make the interval be 168 hours (a week), and adjust the start times to match the first disabling and enabling. The scripts themselves are just
/ip hotspot user disable "user1"and
/ip hotspot user enable “user1”

Rutzki · May 29, 2013, 9:29am

thx for your fast response.

it works great, but after the user is disabled, the user dont logout automatically.

boen_robot · May 29, 2013, 12:09pm

In the disabling script, also add
/ip hotspot active remove “user1”

Rutzki · May 29, 2013, 3:00pm

hi again,

i tried it, but it doesnt work

boen_robot · May 29, 2013, 9:34pm

Perhaps also at the disabling script:
/ip hotspot cookie remove "user1"If even that doesn’t work, I’m out of ideas.

Rutzki · May 30, 2013, 8:52am

HI, thx a lot for your help.

No command i used worked. Below u find a screenshot, where i typed the commands, u have written, in the terminal.

The only answer i got from the terminal was

“no such item”

on both commands.

normis · May 30, 2013, 8:56am

hit the TAB key after the “remove”, it will autocomplete the name. I think quotes are unnecessary

Rutzki · May 30, 2013, 12:18pm

hi again, thx for the hint with tab

in the active directory i can only remove the user with their number/id.

Example:

/ip hotspot active remove number=1

but the number depends on the sequence in which you login.

my first idea was, that i write a command, which is looking for the active user “user1” (for example), and read this number.

with the command:

/ip hotspot active print

i get the following infos, where i can see the number.

Flags: R - radius, B - blocked
#____USER____ADDRESS
0____user1____10.5.50.126
1____user2____10.5.50.127

with

/ip hotspot active find user=user1

i should get all the infos of “user1”, but how will the command continue, to remove them? Or am i complety wrong?

boen_robot · May 31, 2013, 12:15pm

Maybe
/ip hotspot active remove [find where user=mauth]

Rutzki · May 31, 2013, 2:39pm

simple as possible

works great, thx