MK-AUTH

Alguém usa DHCP controlando IPxMAC pelo MK-Auth?
Estamos migrando nossos clientes de PPPoE para DHCP com controle.

Exibições: 1082

Responder agora

Respostas a este tópico

Alguém já verificou a questão do Queues se tem que ficar colocando manual ou vai rolar automático?

vou te passar os script que eu utilizo.

## XXX.XXX.XXX.XXX = Ip do mk-auth
## ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ = API Key
## YYY.YYY.YYY.YYY = Ip do Ramal mikrotik
##

/system script

add name=ler_arp1 policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="#\
===============================\r\
\n:global IPMKAUTH \"XXX.XXX.XXX.XXX\"; \r\
\n:global KEY \"ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ\"; \r\
\n:global RAMAL \"YYY.YYY.YYY.YYY\";\r\
\n:global done \"\";\r\
\n/tool fetch mode=http url=\"https://\$IPMKAUTH/mkt/arp.php\\\?key=\$KEY&\
ramal=\$RAMAL\" src-path=mkt_arp.php dst-path=mkt_arp.rsc;\r\
\n:set done \"true\";\r\
\n"
add name=ler_arp2 policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
if ( [/file find name=mkt_arp.rsc] != \"\" ) do={\r\
\n :log warning \"Importando ARP\";\r\
\n /import mkt_arp.rsc;\r\
\n /file remove mkt_arp.rsc;\r\
\n}\r\
\n"
add name=ler_dhcp1 policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="#\
===============================\r\
\n:global IPMKAUTH \"XXX.XXX.XXX.XXX\"; \r\
\n:global KEY \"3e24477f179f786e4b44988cd05a1ccb\"; \r\
\n:global RAMAL \"YYY.YYY.YYY.YYY\";\r\
\n:global done \"\";\r\
\n/tool fetch mode=http url=\"https://\$IPMKAUTH/mkt/dhcp.php\\\?key=\$KEY\
&ramal=\$RAMAL\" src-path=mkt_dhcp.php dst-path=mkt_dhcp.rsc;\r\
\n:set done \"true\";\r\
\n"
add name=ler_dhcp2 policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
if ( [/file find name=mkt_dhcp.rsc] != \"\" ) do={\r\
\n :log warning \"Importando DHCP\";\r\
\n /ip dhcp-server lease remove [/ip dhcp-server lease find comment~\"cl\
iente\"];\r\
\n /ip dhcp-server lease remove [/ip dhcp-server lease find comment~\"ad\
icional\"];\r\
\n /import mkt_dhcp.rsc;\r\
\n /file remove mkt_dhcp.rsc;\r\
\n}\r\
\n"
add name=ler_pgcorte1 policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="#\
===============================\r\
\n:global IPMKAUTH \"XXX.XXX.XXX.XXX\"; \r\
\n:global KEY \"ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ\"; \r\
\n:global RAMAL \"YYY.YYY.YYY.YYY\";\r\
\n:global done \"\";\r\
\n/tool fetch mode=http url=\"https://\$IPMKAUTH/mkt/pgcorte.php\\\?key=\$\
KEY&ramal=\$RAMAL\" src-path=mkt_pgcorte.php dst-path=mkt_pgcorte.rsc;\r\
\n:set done \"true\";\r\
\n"
add name=ler_pgcorte2 policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
if ( [/file find name=mkt_pgcorte.rsc] != \"\" ) do={\r\
\n :log warning \"Importando PgCorte\";\r\
\n /import mkt_pgcorte.rsc;\r\
\n /file remove mkt_pgcorte.rsc;\r\
\n}\r\
\n"
add name=ler_queues1 policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="#\
===============================\r\
\n:global IPMKAUTH \"XXX.XXX.XXX.XXX\"; \r\
\n:global KEY \"ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ\"; \r\
\n:global RAMAL \"YYY.YYY.YYY.YYY\";\r\
\n:global done \"\";\r\
\n/tool fetch mode=http url=\"https://\$IPMKAUTH/mkt/queues.php\\\?key=\$K\
EY&ramal=\$RAMAL\" src-path=mkt_queues.php dst-path=mkt_queues.rsc;\r\
\n:set done \"true\";\r\
\n"
add name=ler_queues2 policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
if ( [/file find name=mkt_queues.rsc] != \"\" ) do={\r\
\n :log warning \"Importando QUEUES\";\r\
\n /import mkt_queues.rsc;\r\
\n /file remove mkt_queues.rsc;\r\
\n}\r\
\n"

dai vc pode agendar para executar a cada x tempo.

/system scheduler

add interval=12h name=ler_arp on-event="/system script run ler_arp1\r\
\n:delay 5.0s;\r\
\n/system script run ler_arp2\r\
\n\r\
\n" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=may/31/2017 start-time=18:13:37
add interval=12h name=ler_dhcp on-event="/system script run ler_dhcp1\r\
\n:delay 5.0s;\r\
\n/system script run ler_dhcp2\r\
\n\r\
\n\r\
\n" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=may/31/2017 start-time=18:13:49


add interval=3h name=ler_pgcorte on-event="/system script run ler_pgcorte1\r\
\n:delay 5.0s;\r\
\n/system script run ler_pgcorte2" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=may/31/2017 start-time=18:14:02
add interval=1d name=ler_queues on-event="/system script run ler_queues1\r\
\n:delay 5.0s;\r\
\n/system script run ler_queues2" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=may/31/2017 start-time=18:14:13

eu utilizo assim, quando algum cliente é modificado no mk-auth, acesso o ramal e executo os script, 
funciona redondinho.
Lembrando que:
1- O Ip deve estar fixo no cadastro do cliente no mk-auth.
2- O Mac deve estar fixo no cadastro do cliente no mk-auth.
3 -O mac nao pode estar repetido, nem nos desativados.
3 -Deve estar preenchido o campo INTERFACE no cadastro do cliente no mk-auth e deve coincidir com o nome da interface de saída de internet (Interface dos clientes) no mikrotik.
4 - Quando executado os script, é bom ir acompanhando no log do mikrotik por se acontecer algum erro. 



Messias Batista disse:

Alguém já verificou a questão do Queues se tem que ficar colocando manual ou vai rolar automático?

uma coisa que esqueci de esclarecer. Para os clientes estrar travando IP x MAC vc deve ativar na interface dos clientes no mikrotik o ARP=REPLY-ONLY. assim somente os clientes que estiverem cadastrados no ARP somente irão trafegar.

Dario M Adaro disse:

vou te passar os script que eu utilizo.

## XXX.XXX.XXX.XXX = Ip do mk-auth
## ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ = API Key
## YYY.YYY.YYY.YYY = Ip do Ramal mikrotik
##

/system script

add name=ler_arp1 policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="#\
===============================\r\
\n:global IPMKAUTH \"XXX.XXX.XXX.XXX\"; \r\
\n:global KEY \"ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ\"; \r\
\n:global RAMAL \"YYY.YYY.YYY.YYY\";\r\
\n:global done \"\";\r\
\n/tool fetch mode=http url=\"https://\$IPMKAUTH/mkt/arp.php\\\?key=\$KEY&\
ramal=\$RAMAL\" src-path=mkt_arp.php dst-path=mkt_arp.rsc;\r\
\n:set done \"true\";\r\
\n"
add name=ler_arp2 policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
if ( [/file find name=mkt_arp.rsc] != \"\" ) do={\r\
\n :log warning \"Importando ARP\";\r\
\n /import mkt_arp.rsc;\r\
\n /file remove mkt_arp.rsc;\r\
\n}\r\
\n"
add name=ler_dhcp1 policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="#\
===============================\r\
\n:global IPMKAUTH \"XXX.XXX.XXX.XXX\"; \r\
\n:global KEY \"3e24477f179f786e4b44988cd05a1ccb\"; \r\
\n:global RAMAL \"YYY.YYY.YYY.YYY\";\r\
\n:global done \"\";\r\
\n/tool fetch mode=http url=\"https://\$IPMKAUTH/mkt/dhcp.php\\\?key=\$KEY\
&ramal=\$RAMAL\" src-path=mkt_dhcp.php dst-path=mkt_dhcp.rsc;\r\
\n:set done \"true\";\r\
\n"
add name=ler_dhcp2 policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
if ( [/file find name=mkt_dhcp.rsc] != \"\" ) do={\r\
\n :log warning \"Importando DHCP\";\r\
\n /ip dhcp-server lease remove [/ip dhcp-server lease find comment~\"cl\
iente\"];\r\
\n /ip dhcp-server lease remove [/ip dhcp-server lease find comment~\"ad\
icional\"];\r\
\n /import mkt_dhcp.rsc;\r\
\n /file remove mkt_dhcp.rsc;\r\
\n}\r\
\n"
add name=ler_pgcorte1 policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="#\
===============================\r\
\n:global IPMKAUTH \"XXX.XXX.XXX.XXX\"; \r\
\n:global KEY \"ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ\"; \r\
\n:global RAMAL \"YYY.YYY.YYY.YYY\";\r\
\n:global done \"\";\r\
\n/tool fetch mode=http url=\"https://\$IPMKAUTH/mkt/pgcorte.php\\\?key=\$\
KEY&ramal=\$RAMAL\" src-path=mkt_pgcorte.php dst-path=mkt_pgcorte.rsc;\r\
\n:set done \"true\";\r\
\n"
add name=ler_pgcorte2 policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
if ( [/file find name=mkt_pgcorte.rsc] != \"\" ) do={\r\
\n :log warning \"Importando PgCorte\";\r\
\n /import mkt_pgcorte.rsc;\r\
\n /file remove mkt_pgcorte.rsc;\r\
\n}\r\
\n"
add name=ler_queues1 policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="#\
===============================\r\
\n:global IPMKAUTH \"XXX.XXX.XXX.XXX\"; \r\
\n:global KEY \"ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ\"; \r\
\n:global RAMAL \"YYY.YYY.YYY.YYY\";\r\
\n:global done \"\";\r\
\n/tool fetch mode=http url=\"https://\$IPMKAUTH/mkt/queues.php\\\?key=\$K\
EY&ramal=\$RAMAL\" src-path=mkt_queues.php dst-path=mkt_queues.rsc;\r\
\n:set done \"true\";\r\
\n"
add name=ler_queues2 policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
if ( [/file find name=mkt_queues.rsc] != \"\" ) do={\r\
\n :log warning \"Importando QUEUES\";\r\
\n /import mkt_queues.rsc;\r\
\n /file remove mkt_queues.rsc;\r\
\n}\r\
\n"

dai vc pode agendar para executar a cada x tempo.

/system scheduler

add interval=12h name=ler_arp on-event="/system script run ler_arp1\r\
\n:delay 5.0s;\r\
\n/system script run ler_arp2\r\
\n\r\
\n" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=may/31/2017 start-time=18:13:37
add interval=12h name=ler_dhcp on-event="/system script run ler_dhcp1\r\
\n:delay 5.0s;\r\
\n/system script run ler_dhcp2\r\
\n\r\
\n\r\
\n" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=may/31/2017 start-time=18:13:49


add interval=3h name=ler_pgcorte on-event="/system script run ler_pgcorte1\r\
\n:delay 5.0s;\r\
\n/system script run ler_pgcorte2" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=may/31/2017 start-time=18:14:02
add interval=1d name=ler_queues on-event="/system script run ler_queues1\r\
\n:delay 5.0s;\r\
\n/system script run ler_queues2" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=may/31/2017 start-time=18:14:13

eu utilizo assim, quando algum cliente é modificado no mk-auth, acesso o ramal e executo os script, 
funciona redondinho.
Lembrando que:
1- O Ip deve estar fixo no cadastro do cliente no mk-auth.
2- O Mac deve estar fixo no cadastro do cliente no mk-auth.
3 -O mac nao pode estar repetido, nem nos desativados.
3 -Deve estar preenchido o campo INTERFACE no cadastro do cliente no mk-auth e deve coincidir com o nome da interface de saída de internet (Interface dos clientes) no mikrotik.
4 - Quando executado os script, é bom ir acompanhando no log do mikrotik por se acontecer algum erro. 



Messias Batista disse:

Alguém já verificou a questão do Queues se tem que ficar colocando manual ou vai rolar automático?

gente usa IPOE com accel-ppp que eh bem mais simples, pratico e o controle dos clientes fica perfeito 

Tem material de IPOE? Compatível com mk-auth e Mikrotik?

Entra em contato comigo que te ajudo, 49 9 9960 6042

Dario M Adaro disse:

Tem material de IPOE? Compatível com mk-auth e Mikrotik?

Responder à discussão

RSS

TheLinuxF

© 2018   Criado por Pedro Filho.   Ativado por

Badges - Divulgar  |  Relatar erro no site  |  Termos de serviço