Hi,
I have a RB1100 and I watch the log of recent as I have noticed that there has been an usual increase in the cpu usage, and I have noticed that that some IPs that have not been allocated to any hotspot users are on and are really trying their best best to do what I really cant tell! I have been having issues with spam and all even though we don't send spam mails here! I even went as far as telling the RB1100 to block port25 and the issues really decreased.

WHat I would like is a CLI command or a script that would stop traffic to IPs that have not been allocated to any hotspot users. This I believe would end my issues once and for all! as I have a problem once I instruct my RB1100 to pass all traffic through my external squid box, it does so and after say 30 minutes or so the traffic stops flowing to the squid so I would like to put paid to the idea that it just might be someone taking over my RB1100!

Thanks

I'm not sure if this will work with a hotspot without disabling the arp poisoning it does. Set the LAN interface arp mode to reply-only, and then in your DHCP server set it to "add arp for leases". Only devices in the ARP table will get responses, and the only way to get into the ARP table is via DHCP, or you manually assigning it. To disable arp poisoning set the hotspot server's "address pool" to none.