Community discussions

MikroTik App
 
EbeltoftsNet
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 90
Joined: Wed Mar 15, 2006 4:35 pm
Location: Denmark

Ban / disable user

Thu Mar 16, 2006 12:35 am

version 2.9
I have some user, I have to ban, from the net
I have the user in mangle, whith ip adresse, if I try to disable, is still getting traffic

when user is ban / disable, can they bee redirect to a web-site, to get a message

what / how to do ??
 
yancho
Member Candidate
Member Candidate
Posts: 205
Joined: Tue Jun 01, 2004 3:04 pm
Location: LV

Thu Mar 16, 2006 12:40 am

ip firewall filter add chain=forward src-address=bad.user.ip action=drop
Last edited by yancho on Thu Mar 16, 2006 1:01 am, edited 1 time in total.
 
EbeltoftsNet
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 90
Joined: Wed Mar 15, 2006 4:35 pm
Location: Denmark

Thu Mar 16, 2006 12:47 am

if firewall filter add chain=forward src-address=bad.user.ip action=drop
I am new in this, do I have to use the terminal to this, or where ??
 
User avatar
aitsecurity
Frequent Visitor
Frequent Visitor
Posts: 84
Joined: Thu Mar 16, 2006 12:28 am
Location: venezuela

Thu Mar 16, 2006 12:50 am

if firewall filter add chain=forward src-address=bad.user.ip action=drop
I am new in this, do I have to use the terminal to this, or where ??

yes if do you want,
 
User avatar
jager
Trainer
Trainer
Posts: 296
Joined: Mon Oct 31, 2005 2:44 am
Location: Sierra Leone
Contact:

Re: Ban / disable user

Thu Mar 16, 2006 12:59 am

version 2.9
when user is ban / disable, can they bee redirect to a web-site, to get a message
Yes. Redirect all his traffic on port 80 to server that will display your "You`re disabled/banned" page. It can be an another apache process on your existing web server that will listen on different port than 80.
And, finally, drop all his other traffic.
 
yancho
Member Candidate
Member Candidate
Posts: 205
Joined: Tue Jun 01, 2004 3:04 pm
Location: LV

Thu Mar 16, 2006 1:00 am

upz sory little typing error:
ip firewall filter add chain=forward src-address=bad.user.ip action=drop
 
EbeltoftsNet
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 90
Joined: Wed Mar 15, 2006 4:35 pm
Location: Denmark

Thu Mar 16, 2006 1:03 am

I make it in filter rules
add
general
chain: forward
src adress: ??

how to make src adress "bad.user.ip"
I only can do 0.0.0.0
 
EbeltoftsNet
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 90
Joined: Wed Mar 15, 2006 4:35 pm
Location: Denmark

Thu Mar 16, 2006 1:14 am

Forget the last,
Do I need to do that evertime i have a user, ther have to be disable
"can I use the disable in mangle", because I have 100 user
and i very easy to klick on disable :D
I have try, but it don't work
 
EbeltoftsNet
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 90
Joined: Wed Mar 15, 2006 4:35 pm
Location: Denmark

Re: Ban / disable user

Thu Mar 16, 2006 1:19 am

version 2.9
when user is ban / disable, can they bee redirect to a web-site, to get a message
Yes. Redirect all his traffic on port 80 to server that will display your "You`re disabled/banned" page. It can be an another apache process on your existing web server that will listen on different port than 80.
And, finally, drop all his other traffic.
How to make it?
can you make an example
 
User avatar
jager
Trainer
Trainer
Posts: 296
Joined: Mon Oct 31, 2005 2:44 am
Location: Sierra Leone
Contact:

Thu Mar 16, 2006 1:25 am

chain=dstnat src-address=disabled.user.ip.address dst-address=!your.web.server.ip
protocol=tcp dst-port=80 action=dst-nat to-addresses=your.web.server.ip
to-ports=81
 
EbeltoftsNet
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 90
Joined: Wed Mar 15, 2006 4:35 pm
Location: Denmark

Thu Mar 16, 2006 1:33 am

chain=dstnat src-address=disabled.user.ip.address dst-address=!your.web.server.ip
protocol=tcp dst-port=80 action=dst-nat to-addresses=your.web.server.ip
to-ports=81
can you make this like a standart, to all who is disable, or do you have to make a rule everytime, somthing more easy

is the same when I disable, I have to make a rule on the ip adress.

is there a more smart way to this, in mangle there is a butten disable
can it be use to switch users off
 
User avatar
sergejs
MikroTik Support
MikroTik Support
Posts: 6621
Joined: Thu Mar 31, 2005 3:33 pm
Location: Riga, Latvia
Contact:

Thu Mar 16, 2006 8:21 am

I suggest you to use authorization and accounting system (HotSpot), that will allow to handle router users more easily,
http://www.mikrotik.com/docs/ros/2.9/ip/hotspot

Who is online

Users browsing this forum: bandoravic, FPnut, jorgeti, tdw and 154 guests