ways to bypass sites from hotspot through firewall rules

abooddy · August 10, 2011, 12:17am

hey all
I’ve tried some solutions found in wiki to get some sites bypassed from hotspot system
but unfortunately didn’t work
that’s the rules :

ip firewall filter
chain=hs-unauth action=return dst-address=68.178.232.99
chain=hs-unauth-to action=return src-address=68.178.232.99

ip firewall nat
chain=hs-unauth action=return dst-address=68.178.232.99

and another rule provided by “fewi”

/ip firewall nat
add chain=pre-hotspot dst-address-list=!hotspot-targets action=accept

that last rule should accept and pass whole traffc before processing with hotspot and hotspot works for only the hotspot-targets address list

when trying open any site not in hotspot-targets address list it gives connection error
anyone know where is the problem
please help
thanks all

sergejs · August 10, 2011, 6:32am

Why do you want to use firewall rules and not /ip hotspot walled-garden?

abooddy · August 10, 2011, 1:23pm

because i want to open everything to users but only some websites should need authentication by hotspot system
in addition the address list must be dynamic address list so i think the only way is by firewall rules