The mikrotik router hotspot login page has been redesigned to be a form rather than username and password.Once you click login, the mail script in the login page sends form elements/parameters to a specified email address. This then redirects to the status page.

Now, from the status page, you should be able to browse just one website only.

So i setup IP webproxy and allowed just that site alone and then used a wildcard to deny all other sites.

The issue:

The deny blocks the mail script in the login.html page and does not re-direct to status page,so no user is able to login.

Help

Hi , there is many features in firewall , you can play with that features to find it and exclude your page

which page you need to allow??

which page you need to allow??

I need to re-direct all http/https traffic to just one website which is allowed on the hotspot so no matter the website you type, it re-directs you to just one.

I have setup proxy to block several sites but this is just cumbersome and have setup filter and NAT rules but this doesn't do the trick either.

I setup a dst path wild card * in proxy to deny all http request and allow the website i want.This works but the issue i now have is that the post mail script which sends the form data on the hotspot login page to the mail server gets blocked :

<form name="contactform" method="post" action="http://xxxx.xxxxxxx.com/send.php">

when this is blocked, user does not get authenticated and nothing works.

So i figured out that rather than blocking sites, why don't i just do something like a permanent re-direct to just that website.

is this possible?

Thanks

Setup hotspot
remove all stuff you put in walled garden
add http://xxxx.xxxxxxx.com/ in your walled garden


So, all (http) sites will be redirected to local rlogin.html page, which leads to http://xxxx.xxxxxxx.com/send.php, which is allowed. Problem should be solved.

Setup hotspot
remove all stuff you put in walled garden
add http://xxxx.xxxxxxx.com/ in your walled garden


So, all (http) sites will be redirected to local rlogin.html page, which leads to http://xxxx.xxxxxxx.com/send.php, which is allowed. Problem should be solved.

I have done this already.its does not work

then post your hotspot config
/ip hotspot export

and the content of the file rlogin.html

then post your hotspot config
/ip hotspot export

and the content of the file rlogin.html

/ip hotspot profile
set [ find default=yes ] dns-name="" hotspot-address=0.0.0.0 html-directory=\
hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=\
cookie,http-chap name=default rate-limit="" smtp-server=0.0.0.0 \
split-user-domain=no use-radius=no
add dns-name="" hotspot-address=192.168.145.1 html-directory=xxxxxxxxx..... \
http-proxy=0.0.0.0:0 login-by=http-chap,http-pap name=hsprof1 rate-limit="" \
smtp-server=0.0.0.0 split-user-domain=no use-radius=no
/ip hotspot
add address-pool=hs-pool-6 addresses-per-mac=1 disabled=no idle-timeout=1m \
interface=bridge1 keepalive-timeout=none name=HOTPROF profile=hsprof1
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m name=default \
shared-users=1 status-autorefresh=1m transparent-proxy=no
add address-pool=hs-pool-6 advertise=no idle-timeout=none keepalive-timeout=2m \
name=45out open-status-page=always session-timeout=45m shared-users=50 \
status-autorefresh=1m transparent-proxy=yes
/ip hotspot service-port
set ftp disabled=no ports=21
/ip hotspot user
add disabled=no name=admin password="" profile=default
add disabled=no name=guest password=123guest profile=45out
/ip hotspot walled-garden
add action=allow disabled=no dst-host=XXX.XXXXXX.com dst-port=\


RLOGIN.HTML

$(if http-status == 302)Hotspot login required$(endif)
$(if http-header == "Location")$(link-redirect)$(endif)
<html>
<!--
<?xml version="1.0" encoding="UTF-8"?>
<WISPAccessGatewayParam
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://$(hostname)/xml/WISPAccessGatewayParam.xsd">
<Redirect>
<AccessProcedure>1.0</AccessProcedure>
<AccessLocation>$(location-id)</AccessLocation>
<LocationName>$(location-name)</LocationName>
<LoginURL>$(link-login-only)?target=xml</LoginURL>
<MessageType>100</MessageType>
<ResponseCode>0</ResponseCode>
</Redirect>
</WISPAccessGatewayParam>
-->
<head>
<title>...</title>
<meta http-equiv="refresh" content="0; url=$(link-redirect)">
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="expires" content="-1">
</head>
<body>
</body>
</html>

so where did you put the
<form name="contactform" method="post" action="http://xxxx.xxxxxxx.com/send.php">
part ?

It should be somewhere in the rlogin.html / <body>


And anyway, if you just want to give access to 1 website, replace rlogin.html by this