----------------------------------------------------------------------------------------------------------------- ISP Controllr - bloqueio e pendencia ----------------------------------------------------------------------------------------------------------------- /ip firewall filter add action=drop chain=forward comment=CTLR-MSG-BLOCKED disabled=no dst-address-list=!released_ips \ dst-port=53 protocol=udp src-address-list=block add action=drop chain=forward comment=CTLR-MSG-BLOCKED disabled=no dst-address-list=!released_ips \ protocol=tcp src-address-list=block ----------------------------------------------------------------------------------------------------------------- Redireciona cliente para pagina de bloqueio e de pendencia ----------------------------------------------------------------------------------------------------------------- /ip firewall nat add action=dst-nat chain=dstnat comment=CTLR-MSG-BLOCKED-HTTP-80 disabled=no dst-address-list=\ !released_ips dst-port=80 protocol=tcp src-address-list=block to-addresses=192.168.10.2 to-ports=\ 8090 add action=dst-nat chain=dstnat comment=CTLR-MSG-BLOCKED-HTTPS-443 disabled=no dst-address-list=\ !released_ips dst-port=443 protocol=tcp src-address-list=block to-addresses=192.168.10.2 to-ports=\ 8091 add action=dst-nat chain=dstnat comment=CTLR-MSG-PENDING-HTTP-80 disabled=no dst-address-list=\ !released_ips dst-port=80 protocol=tcp src-address-list=pendency to-addresses=192.168.10.2 to-ports=\ 8092 add action=dst-nat chain=dstnat comment=CTLR-MSG-PENDING-HTTPS-443 disabled=no dst-address-list=\ !released_ips dst-port=443 protocol=tcp src-address-list=pendency to-addresses=192.168.10.2 \ to-ports=8093 add action=dst-nat chain=dstnat comment=CTLR-NOTICE-HTTP-80 disabled=yes dst-address-list=!released_ips \ dst-port=80 protocol=tcp src-address-list=!notice_msg_released to-addresses=192.168.10.2 to-ports=\ 8094 add action=dst-nat chain=dstnat comment=CTLR-NOTICE-HTTPS-443 disabled=yes dst-address-list=!released_ips \ dst-port=443 protocol=tcp src-address-list=!notice_msg_released to-addresses=192.168.10.2 to-ports=\ 8095 ----------------------------------------------------------------------------------------------------------------- Limpa cliente adicionado à lista de pendencia após 60 segundos. ----------------------------------------------------------------------------------------------------------------- /system scheduler :foreach ip in=[/ip firewall address-list find list="pendency"] do={/ip firewall address-list remove $ip} ----------------------------------------------------------------------------------------------------------------- ----------------------------------------------------------------------------------------------------------------- /ip firewall address-list add address=192.168.10.2 comment="IP DO CONTROLLR" list=released_ips