中尉
- 注册时间
- 2009-7-29
- 金币
- 767 个
- 威望
- 2 个
- 荣誉
- 0 个
累计签到:9 天 连续签到:0 天 [LV.20]漫游旅程
|
最后一个就是给大家脚本了,希望大家能成功。下面不管是有线,无线,只要有ROS作为一台过滤层就行了。
:global name;
#用户名
:global vname;
#用户名特征,取前2位
:global mac;
/ppp active
:foreach i in=[find] do={:set mac [get $i caller-id];:set name [get $i name];:set vname [:pick [get $i name] 0 2];
:log error (“账号特征:” . $vname)
:global bshift false;
:global shift false;
/interface bridge filter
:global bmac
:global mkmac
:global mkname
:foreach j in=[find comment!=""] do={:set bmac [:pick [get $j src-mac-address] 0 17];
:if ($mac=$bmac) do={:set shift true;:set bshift true;:set mkmac $bmac;:set mkname [get $j comment]} else={:set shift false;}
}
:if ($bshift) do={:log warning (“用户:.” . $name .”被踢下线–” . “原因:MAC:” . $mkmac . “已绑定账号:” . $name);/ppp active remove $i;} else={
#这里处理账号归类
:if ($vname=”lt”) do={
:log error (“联通账号:” . $name . “已绑定MAC:” .$mac);
add chain=forward out-interface=CNC src-mac-address= ($mac .”/FF:FF:FF:FF:FF:FF”) \
mac-protocol=pppoe-discovery action=accept comment=(“联通账号” . $name.” “.$nyr2);
add chain=input in-interface=!CNC in-bridge=bridge src-mac-address= ($mac .”/FF:FF:FF:FF:FF:FF”) \
mac-protocol=pppoe-discovery action=drop comment=(“联通账号” . $name.” “.$nyr2);
move [find comment=("联通账号" . $name." ".$nyr2)];
/delay 1
/ppp active remove [find name=$name]
} else={:if ($vname=”dx”) do={
:log error (“电信账号:” . $name . “已绑定MAC:” .$mac);
add chain=forward out-interface=TEL src-mac-address= ($mac .”/FF:FF:FF:FF:FF:FF”) \
mac-protocol=pppoe-discovery action=accept comment=(“电信账号” . $name.” “.$nyr2);
add chain=input in-interface=!TEL in-bridge=bridge src-mac-address= ($mac .”/FF:FF:FF:FF:FF:FF”) \
mac-protocol=pppoe-discovery action=drop comment=(“电信账号” . $name.” “.$nyr2);
/delay 1
/ppp active remove [find name=$name]
} else={:log info “其他账号将不增加到列表”}}
/delay 1
/interface bridge filter move [find comment =1] destination=
/interface bridge filter move [find comment =2] destination=
}
}
}
这里要提及的是,必须要加一台 免认证服务器,脚本 网上别人发过的,可以用的。大家可以测试测试。
|
|