Script needed

I am looking for a DHCP lease script; I have tried my all for many days.
I want the script to match the combo of “host name - MAC” to the previously saved “host name - MAC” in firewall mangle comments (which is used to log traffic of users in hotspot).
If it matches, the DHCP lease should be good to go.
If it doesn’t match, it should be released.
If the comments don't exist for a first-time login, DHCP should be good to go.

PS: I have
1. a script to add mangle rules and add a comment based on the host name - MAC combo
2. a script to remove said rules and comments on expiry of the hotspot user session.

```
{
:local mac $leaseActMAC
:local host $"lease-hostname"
:local male [/ip firewall mangle get value-name=comment [find comment~"$mac"]]
:local comp "$host - $mac "
:log info "$male"
:log info "$comp";
:local leng [:len [find $male "$@"]]
:if [($male!=$comp)] do={
/ip hotspot cookie remove [find mac-address=$mac]
/ip hotspot active remove [find mac-address=$mac]}}
```

I have written this, but it does not go past “:local male…”, I suppose because it doesn't find the variable, so I need it to work even if said MAC user logs in for the first time.
Also, to go with it, I have written a user login script which adds the hostname - MAC to the mangle comments.
Essentially, I want this: if the current hostname-MAC is different from the one added in “mangle comments”, then either the user needs to log in again or we can script to deny the DHCP lease altogether, but I need to get past my error first. Also, if it is a first-time login, then the user may go ahead.

```
:local mac $leaseActMAC
:local host $"lease-hostname"
:if ([/ip firewall mangle print count-only where comment~"$mac"]=0) do={
:log info "$mac doesnt exists, allowed"
} else ={
:local male (/ip firewall mangle get value-name=comment (find where comment~"$mac"));
:log info "matching hostname now";
:local comp "$host - $mac "
:log info "$male";
:log info "$comp";
:if [$male!=$comp] do={
:log info "error $mac already registered with different hostname";
/ip hotspot cookie remove [find mac-address=$mac]
/ip hotspot active remove [find mac-address=$mac]
} else ={
:log info "$mac registered with correct hostname";}}
```


I don't know, but I still cannot get the “male” variable to work, despite the fact that it will always output only one string and not an array.

```
:local mac $leaseActMAC
:local host $"lease-hostname"
:global leaseBound
:if ($leaseBound = 1) do={
    # Count mangle rules whose comment mentions this MAC at all
    :local maccheck [/ip firewall mangle print count-only where comment~"$mac"]
    # Count mangle rules whose comment is exactly "hostname - MAC "
    :local hostcheck [/ip firewall mangle print count-only where comment="$host - $mac "]
    :if ($maccheck = 0) do={
        :log info "$mac not registered previously, allowed"}
    # MAC is known but was saved with a different hostname: drop the hotspot session
    :if (($maccheck = 1)&&($hostcheck = 0)) do={
        :log info "error $mac already registered with different hostname, removing previous session"
        /ip hotspot cookie remove [find mac-address=$mac]
        /ip hotspot active remove [find mac-address=$mac]}
    :if (($maccheck = 1)&&($hostcheck = 1)) do={
        :log info "$mac registered with correct hostname $host"}}
:if ($leaseBound = 0) do={
    :log info "$mac dhcp assign removed"}
```


Finally got it working.
Now I will add a line to save all illegal attempts to a file together with the log. That way I can just look at one file and know if any attempts have been made to spoof a MAC.
Say what?
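The first two scripts above stop at the `get` line on a first-time login, which is consistent with `get` failing when `find` returns no item. The following is an added example, not code from any poster in this thread: a lease-script variant that guards the lookup by checking the result of `find` before calling `get`, so the stored comment can still be read and logged on a mismatch. It assumes the comment format `"$host - $mac "` (with the trailing space) used by the scripts in this thread and that it runs as the DHCP server lease script, where `leaseBound`, `leaseActMAC` and `lease-hostname` are supplied.

```routeros
# Added example. Assumes DHCP lease-script context and the thread's comment format.
:local mac $leaseActMAC
:local host $"lease-hostname"
# Value the login script is assumed to have stored (note the trailing space)
:local expected "$host - $mac "

:if ($leaseBound = 1) do={
    # find returns a (possibly empty) list of item ids; it does not fail when empty
    :local ids [/ip firewall mangle find where comment~$mac]

    :if ([:len $ids] = 0) do={
        # First login for this MAC: nothing stored yet, so nothing to compare
        :log info "$mac not registered previously, allowed"
    } else={
        # Only call get once we know there is an item; use the first match
        :local stored [/ip firewall mangle get ($ids->0) comment]

        :if ($stored = $expected) do={
            :log info "$mac registered with correct hostname $host"
        } else={
            # Log both values so the mismatch is visible in one log line
            :log warning "$mac stored as \"$stored\" but lease presented \"$expected\", removing session"
            /ip hotspot cookie remove [find mac-address=$mac]
            /ip hotspot active remove [find mac-address=$mac]
        }
    }
}
```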

Have you seen many attempts to spoof the mac address?
As long as you get in a log, you can send it to external syslog server and graph it.

See my signature for example on monitoring MT using Splunk.

Not really, but I am logging all connections for legal purposes.
But now have separated the log file for script, so it is now easier to know what all is happening.

Hi there
I have many attempts to spoof MAC addresses.
I used this script but it isn’t working.
It seems I still need the login user script to get it to work.
Can anyone help me please?
Thanks

Hi everyone.

Since this topic was Script needed I thought that this might be the place to ask this instead of making a new thread. :smiley:
Ok I have a Mikrotik Router of course… :smiley:
But I need a script that can move IP addresses from one list to another without going to a file first. This is done internally, not from one router to another.
So that is that. Anyone with some easy-to-understand script for this? :slight_smile:

Thanks so much in advance.

I do suggest you create a new thread. Not everyone is equally good at creating an informative title.
So for example: "Need a script to move IP from one address list to another".
And in the new thread, also specify what criteria are needed to move the IP addresses.