-----------------------------------------------------------------------------------------------------------------
ISP Controllr - bloqueio e pendencia;
-----------------------------------------------------------------------------------------------------------------

/ip firewall filter

add action=drop chain=forward comment=CTLR-MSG-BLOCKED disabled=no dst-address-list=!released_ips \
    dst-port=!53 protocol=udp src-address-list=block
add action=drop chain=forward comment=CTLR-MSG-BLOCKED disabled=no dst-address-list=!released_ips \
    protocol=tcp src-address-list=block

-----------------------------------------------------------------------------------------------------------------
Redireciona cliente para pagina de bloqueio e de pendencia;
-----------------------------------------------------------------------------------------------------------------

/ip firewall nat

add action=dst-nat chain=dstnat comment=CTLR-MSG-BLOCKED-HTTP-80 disabled=no dst-address-list=\
    !released_ips dst-port=80 protocol=tcp src-address-list=block to-addresses=192.168.10.2 to-ports=\
    8090
add action=dst-nat chain=dstnat comment=CTLR-MSG-BLOCKED-HTTPS-443 disabled=no dst-address-list=\
    !released_ips dst-port=443 protocol=tcp src-address-list=block to-addresses=192.168.10.2 to-ports=\
    8091
add action=dst-nat chain=dstnat comment=CTLR-MSG-PENDING-HTTP-80 disabled=no dst-address-list=\
    !released_ips dst-port=80 protocol=tcp src-address-list=pendency to-addresses=192.168.10.2 to-ports=\
    8092
add action=dst-nat chain=dstnat comment=CTLR-MSG-PENDING-HTTPS-443 disabled=no dst-address-list=\
    !released_ips dst-port=443 protocol=tcp src-address-list=pendency to-addresses=192.168.10.2 \
    to-ports=8093

-----------------------------------------------------------------------------------------------------------------
Lista de IPs liberados para não serem bloqueados;
-----------------------------------------------------------------------------------------------------------------

/ip firewall address-list

add address=192.168.10.2 comment="IP_DO_CONTROLLR" list=released_ips

-----------------------------------------------------------------------------------------------------------------
Limpa cliente adicionado na pendencia a cada 2 minutos para liberar a navegação;
-----------------------------------------------------------------------------------------------------------------

Adicionar em Scheduler:

START TIME: startup

INTERVAL: 00:02:00

ON EVENT: :foreach ip in=[/ip firewall address-list find list="pendency"] do={/ip firewall address-list remove $ip}

-----------------------------------------------------------------------------------------------------------------