delhite2
just joined
Topic Author
Posts: 13
Joined: Fri May 10, 2019 4:45 pm

Script needed

Fri May 10, 2019 4:57 pm

I am looking for a DHCP lease script, and have tried my all for many days.
I want the script to match the combo of "host name - MAC" to the previously saved "host name - MAC" in firewall mangle comments (which is used to log traffic of users in hotspot).
If it matches, the DHCP lease should be good to go.
If it doesn't match, it should be released.
If the comments don't exist for a first-time login, DHCP should be good to go.

PS: I have
1. a script to add mangle rules and add a comment based on the host name - MAC combo
2. a script to remove said rules and comments on expiry of the hotspot user session.
 
delhite2
just joined
Topic Author
Posts: 13
Joined: Fri May 10, 2019 4:45 pm

Re: Script needed

Sat May 11, 2019 2:24 pm

<
{
:local mac $leaseActMAC
:local host $"lease-hostname"
:local male [/ip firewall mangle get value-name=comment [find comment~"$mac"]]
:local comp "$host - $mac "
:log info "$male"
:log info "$comp";
:local leng [:len [find $male "\$@"]]
:if [($male!=$comp)] do={
/ip hotspot cookie remove [find mac-address=$mac]
/ip hotspot active remove [find mac-address=$mac]}}
>

I have written this, but it does not go past ":local male...", I suppose because it doesn't find the variable, so I need it to work even if said MAC user logs in for the first time.
Also, to go with it I have written a user login script which adds the hostname - MAC to the mangle comments.
Essentially, I want that if the current hostname-MAC is different from the one added in "mangle comments", then either the user needs to log in again or we can script to deny the DHCP lease altogether, but I need to get past my error first. Also, if it is a first-time login then the user may go ahead.
 
delhite2
just joined
Topic Author
Posts: 13
Joined: Fri May 10, 2019 4:45 pm

Re: Script needed

Sun May 12, 2019 8:05 pm

:local mac $leaseActMAC
:local host $"lease-hostname"
:if ([/ip firewall mangle print count-only where comment~"$mac"]=0) do={
:log info "$mac doesnt exists, allowed"
} else ={
:local male (/ip firewall mangle get value-name=comment (find where comment~"$mac"));
:log info "matching hostname now";
:local comp "$host - $mac "
:log info "$male";
:log info "$comp";
:if [$male!=$comp] do={
:log info "error $mac already registered with different hostname";
/ip hotspot cookie remove [find mac-address=$mac]
/ip hotspot active remove [find mac-address=$mac]
} else ={
:log info "$mac registered with correct hostname";}}


I don't know, but I still cannot get the "male" variable to work, despite the fact that it will always output only one string and not an array.
 
delhite2
just joined
Topic Author
Posts: 13
Joined: Fri May 10, 2019 4:45 pm

Re: Script needed, mac spoof protection.

Mon May 13, 2019 11:56 am

:local mac $leaseActMAC
:local host $"lease-hostname"
:global leaseBound
:if ($leaseBound = 1) do={
    :local maccheck [/ip firewall mangle print count-only where comment~"$mac"]
    :local hostcheck [/ip firewall mangle print count-only where comment="$host - $mac "]
    :if ($maccheck = 0) do={
        :log info "$mac not registered previously, allowed"
    }
    :if (($maccheck = 1)&&($hostcheck = 0)) do={
        :log info "error $mac already registered with different hostname, removing previous session"
        /ip hotspot cookie remove [find mac-address=$mac]
        /ip hotspot active remove [find mac-address=$mac]
    }
    :if (($maccheck = 1)&&($hostcheck = 1)) do={
        :log info "$mac registered with correct hostname $host"
    }
}
:if ($leaseBound = 0) do={
    :log info "$mac dhcp assign removed"
}


Finally got it working.
Now I will add a line to save all illegal attempts to a file together with the log. That way I can just look at one file and know if any attempts have been made to spoof a MAC.
Say what?
 
Jotne
Forum Guru
Posts: 3334
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: Script needed

Mon May 13, 2019 1:32 pm

Have you seen many attempts to spoof the MAC address?
As long as you get it in a log, you can send it to an external syslog server and graph it.

See my signature for an example of monitoring MT using Splunk.
 
delhite2
just joined
Topic Author
Posts: 13
Joined: Fri May 10, 2019 4:45 pm

Re: Script needed

Mon May 13, 2019 8:59 pm

> Have you seen many attempts to spoof the MAC address?
> As long as you get it in a log, you can send it to an external syslog server and graph it.
>
> See my signature for an example of monitoring MT using Splunk.

Not really, but I am logging all connections for legal purposes.
But now I have separated the log file for the script, so it is now easier to know what is happening.
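
The log-review step discussed in the two posts above, as an added example that is not part of the original thread: a Python pass over exported log lines that counts the lease script's messages per MAC and lists MACs with repeated hostname mismatches. The sample lines and their syslog prefix are constructed; only the message texts come from the script posted earlier in the thread.

```python
import re
from collections import Counter

MAC = r"(?P<mac>(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2})"
# Message texts are the ones the lease script in this thread writes with :log info.
PATTERNS = [
    ("mismatch", re.compile(r"error " + MAC + r" already registered with different hostname")),
    ("first_seen", re.compile(MAC + r" not registered previously, allowed")),
    ("match", re.compile(MAC + r" registered with correct hostname (?P<host>\S+)")),
    ("released", re.compile(MAC + r" dhcp assign removed")),
]

# Constructed sample; the "date host topics" prefix is an assumed syslog layout.
SAMPLE_LOG = [
    "May 13 11:50:01 gw script,info AA:BB:CC:00:00:01 not registered previously, allowed",
    "May 13 11:52:10 gw script,info AA:BB:CC:00:00:01 registered with correct hostname laptop-1",
    "May 13 12:05:44 gw script,info error AA:BB:CC:00:00:01 already registered with different hostname, removing previous session",
    "May 13 12:06:02 gw script,info error AA:BB:CC:00:00:01 already registered with different hostname, removing previous session",
    "May 13 12:07:30 gw script,info AA:BB:CC:00:00:02 dhcp assign removed",
    "May 13 12:09:00 gw hotspot,info unrelated line",
    "May 13 12:10:15 gw script,info error aa:bb:cc:00:00:03 already registered with different hostname, removing previous session",
]

def classify(line):
    """Return (event, MAC, hostname-or-None) for a lease-script log line, else None."""
    for event, rx in PATTERNS:
        m = rx.search(line)
        if m:
            return event, m.group("mac").upper(), m.groupdict().get("host")
    return None

def summarize(lines, threshold=2):
    """Count events and list MACs with at least `threshold` hostname mismatches."""
    events, mismatches, known_host = Counter(), Counter(), {}
    for line in lines:
        hit = classify(line)
        if hit is None:
            continue  # not written by the lease script
        event, mac, host = hit
        events[event] += 1
        if event == "mismatch":
            mismatches[mac] += 1
        elif event == "match":
            known_host[mac] = host  # last hostname that matched the mangle comment
    review = sorted(m for m, n in mismatches.items() if n >= threshold)
    return {"events": events, "mismatches": mismatches, "known_host": known_host, "review": review}

if __name__ == "__main__":
    report = summarize(SAMPLE_LOG)
    for mac in report["review"]:
        print(mac, report["mismatches"][mac], "mismatches; last good hostname:", report["known_host"].get(mac))
```

The DHCP hostname is whatever the client sends, so a renamed device produces the same mismatch line; treat the review list as something to investigate, not as proof of spoofing.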
 
mhmo567
just joined
Posts: 3
Joined: Wed Apr 08, 2020 6:25 pm

Re: Script needed

Tue May 19, 2020 12:57 pm

Hi there,
I have many attempts to spoof MAC addresses.
I used this script but it doesn't work.
It seems I still need the user login script to get it to work.
Can anyone help me, please?
Thanks
 
paalbo
just joined
Posts: 2
Joined: Fri May 29, 2020 8:22 pm

Re: Script needed

Fri May 29, 2020 8:42 pm

Hi everyone.

Since this topic was "Script needed", I thought that this might be the place to ask this instead of making a new thread. :D
OK, I have a MikroTik router, of course... :D
But I need a script that can move IP addresses from one list to another without going to a file first. This is done internally, not from one router to another.
So that is that. Anyone with some easy-to-understand script for this? :)

Thanks so much in advance.
 
Jotne
Forum Guru
Posts: 3334
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: Script needed

Sat May 30, 2020 9:34 pm

I do suggest you create a new thread. Not everyone is equally good at creating an informative title.
So, for example: "Need a script to move IP from one address list to another".
And in the new thread, also specify what criteria are needed to move the IP addresses.
