Dear All
I'm still looking for script that can auto BLOCK any clints IP or MAC who try to log in to hotspot 3 time with wrong username and password
I'm not talking about SSH and TELNET because I live in crowded area
thank you Jotne for your replyIf you can see it in the logs, you can make a script for it.
This is nearly the same as block VPN user not authenticate correctly.
See here:
viewtopic.php?t=148397
#Hotspot IP to MAC binding#
:foreach a in=[/ip firewall address-list find where dynamic=yes and list=hotspot_blacklist] do={
:local ipaddr [/ip firewall address-list get $a value-name=address]
:local m [/ip arp find where address=$ipaddr dynamic=yes]
:local mac [/ip arp get $m mac-address]
/ip hotspot ip-binding add type=blocked mac-address=$mac comment="blocked from script"
/ip firewall address-list remove $a
:log warning ("Blocked from Hotspot " . " MAC: " . $mac)
}
/ip firewall filter
add chain=input protocol=tcp src-address-list=hotspot_blacklist action=drop comment="Hotspot bruteforce prevention"
add chain=output action=accept protocol=tcp content="invalid username or password" dst-limit=2/1m,4,dst-address/2m comment="Hotspot bruteforce prevention"
add chain=output action=add-dst-to-address-list protocol=tcp content="invalid username or password" address-list=hotspot_blacklist address-list-timeout=3h