230

AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers

 

RouterOS v3 Configuration and User Guide

 

 

￿

There can be multiple cookies with the same MAC address. For example, there will be a separate cookie for each web browser on the same computer.

Cookies can expire - that's the way how it is supposed to be. Default validity time for cookies is 3 days

(72 hours), but it can be changed for each individual HotSpot server profile, for example :

/ip hotspot profile set default http-cookie-lifetime=1d

Example

To get the list of valid cookies:

[admin@AT-WR4562] ip hotspot cookie> print

 

# USER

DOMAIN

MAC-ADDRESS

EXPIRES-IN

0 ex

 

01:23:45:67:89:AB

23h54m16s

[admin@AT-WR4562] ip hotspot cookie>

10.3.3HTTP-levelWalled Garden

Submenu level: /ip hotspot walled-garden

Description

Walled garden is a system which allows unauthorized use of some resources, but requires authorization to access other resources. This is useful, for example, to give access to some general information about HotSpot service provider or billing options.

This menu only manages Walled Garden for HTTP and HTTPS protocols. Other protocols can also be included in Walled Garden, but that is configured elsewhere (in /ip hotspot walled-garden ip; see the next section of this manual for details)

Property Description

action (allow deny; default: allow) - action to undertake if a request matches the rule: allow - allow the access to the page without prior authorization

deny - authorization is required to access this page

dst-address(read-only: IP address) - IP address of the destination web server (installed by IP-level walled garden)

dst-host(wildcard; default: "") - domain name of the destination web server

dst-port(integer; default: "") - the TCP port a client has send the request to

hits (read-only: integer) - how many times has this rule been used method (text) - HTTP method of the request

path (wildcard; default: "") - the path of the request

server (name) - name of the HotSpot server this rule applies to src-address(IP address) - IP address of the user sending the request

￿

Wildcard properties (dst-host and dst-path) match a complete string (i.e., they will not match "example.com" if they are set to "example"). Available wildcards are '*' (match any number of any characters) and '?' (match any one character). Regular expressions are also accepted here, but if the property should be treated as a regular expression, it should start with a colon (':').

Small hits in using regular expressions:

\\symbol sequence is used to enter \ character in console

\.pattern means . only (in regular expressions single dot in pattern means any symbol)

to show that no symbols are allowed before the given pattern, we use ^ symbol at the beginning of the pattern

to specify that no symbols are allowed after the given pattern, we use $ symbol at the end of the pattern You can not use path property for HTTPS requests as router can not (and should not - that is what the HTTPS protocol was made for!) decrypt the request.

Page 229 Page 231
Page 230
Image 230
Allied Telesis AT-WR4500 manual HTTP-levelWalled Garden, To get the list of valid cookies, # User Domain MAC-ADDRESS
Page 229 Page 231
Top Page Image Contents