ok heres the problem.
most of my junk rules i have disabled and deleted so all that stands now are the hotspot rules made by the routeros system and your rule.
my untangle box here is 192.168.5.1
[admin@MikroTik] > /interface print detail
Flags: D - dynamic, X - disabled, R - running, S - slave
0 name="opt" type="ether" mtu=1500 l2mtu=1600
1 R name="net" type="ether" mtu=1500 l2mtu=1600
2 R name="users" type="ether" mtu=1500 l2mtu=1600
[admin@MikroTik] >
[admin@MikroTik] > /ip address print detail
Flags: X - disabled, I - invalid, D - dynamic
0 address=192.168.5.5/24 network=192.168.5.0 broadcast=192.168.5.255
interface=net actual-interface=net
1 address=192.168.99.1/24 network=192.168.99.0 broadcast=192.168.99.255
interface=users actual-interface=users
[admin@MikroTik] >
[admin@MikroTik] > /ip route print detail
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
0 A S dst-address=0.0.0.0/0 gateway=192.168.5.1
gateway-status=192.168.5.1 reachable net distance=1 scope=30
target-scope=10
1 ADC dst-address=192.168.5.0/24 pref-src=192.168.5.5 gateway=net
gateway-status=net reachable distance=0 scope=10
2 ADC dst-address=192.168.99.0/24 pref-src=192.168.99.1 gateway=users
gateway-status=users reachable distance=0 scope=10
[admin@MikroTik] >
[admin@MikroTik] > /ip firewall filter export
# aug/25/2011 14:56:56 by RouterOS 4.16
# software id =
#
/ip firewall filter
add action=drop chain=input comment="proxy is NOT a Open Proxy" disabled=no \
dst-port=8080 in-interface=net protocol=tcp
add action=drop chain=forward comment="drop all known p2p" disabled=no p2p=\
all-p2p
add action=drop chain=input comment=\
"limit 100 connections per smakaroo then tarpit" connection-limit=100,32 \
disabled=no protocol=tcp
add action=drop chain=input comment="proxy is NOT a Open Proxy" disabled=no \
dst-port=8080 in-interface=net protocol=tcp
add action=tarpit chain=input comment=\
"limit 100 connections per smakaroo then tarpit" connection-limit=100,32 \
disabled=no protocol=tcp
add action=drop chain=forward comment="unknown ip high upload" disabled=no \
dst-address=82.43.225.44
[admin@MikroTik] >
[admin@MikroTik] /ip firewall nat> print detail
Flags: X - disabled, I - invalid, D - dynamic
0 chain=pre-hotspot action=accept hotspot=auth,http
1 X ;;; place hotspot rules here
chain=unused-hs-chain action=passthrough
2 X ;;; masquerade hotspot network
chain=srcnat action=masquerade src-address=192.168.99.0/24
3 chain=dstnat action=dst-nat to-addresses=192.168.5.1 protocol=tcp
dst-port=80,8080,8888
[admin@MikroTik] /ip firewall nat>
so if i want to put your rule and disable the masquerade rule here i lose access altogether. so tp restore net access i have to disable your rule and enable masquerade.
on a side note its important to note if i enable your rule + the masquerade rule i get the untangle web page very weird.
You do not have the required permissions to view the files attached to this post.