My problem is the following:
I need to make a script that takes the ip from a banned list and blocks that ip in the static dhcp.
the reason is the next. when I detect a network scan in the internal lan but balla to the group of bane, it does not take effect since it is in the lan, but if I block it from the dhcp it loses its access to the network since the dhcp is tied by mac, and the ARP by reply-only
This code will achieve what I want but with a given ip:
:local busyaddr [ip dhcp-server lease find address="192.168.10.12"]
:local i
:foreach i in $busyaddr do={
/ip dhcp-server lease set block-access=yes $i;
}
the problem is how to use a list (: local ip_list address-list = "port scanners") so that it crosses it and plique the blockade to each one of the ip to exist in the dhcp.
Re: script dhcp block
what is the problen????
:local hosts "172.23.4.1","172.23.4.80"
:foreach host in $hosts do={
:local busyaddr [ip dhcp-server lease find address=$host]
:local i
:foreach i in $busyaddr do={
/ip dhcp-server lease set block-access=yes $i;
}
}
or
:local hosts "172.23.4.1","172.23.4.80"
:foreach host in $hosts do={
:foreach i in= [/ip dhcp-server lease find address $host] do={
:local ipnum [/ip dhcp-server lease get $i address]
:local busyaddr [ip dhcp-server lease find address $ipnum]
/ip dhcp-server lease set block-access=yes $busyaddr;
}
}
:local hosts "172.23.4.1","172.23.4.80"
:foreach host in $hosts do={
:local busyaddr [ip dhcp-server lease find address=$host]
:local i
:foreach i in $busyaddr do={
/ip dhcp-server lease set block-access=yes $i;
}
}
or
:local hosts "172.23.4.1","172.23.4.80"
:foreach host in $hosts do={
:foreach i in= [/ip dhcp-server lease find address $host] do={
:local ipnum [/ip dhcp-server lease get $i address]
:local busyaddr [ip dhcp-server lease find address $ipnum]
/ip dhcp-server lease set block-access=yes $busyaddr;
}
}
Who is online
Users browsing this forum: No registered users and 30 guests