SONTAYA'P BLOGGER

IT Digital lifestyle

RouterOS 6.0 ออกแล้ว เพิ่มฟีเจอร์ mac-cookie login (WiFi Hotspot ล็อกอินอัตโนมัติด้วยวิธีการจดจำ MAC Address)

bySONTAYA May 21, 2013 Linux

ถึงจะไม่ใช่วิธีอิมพลีเม้นท์แบบมาตรฐานแต่โอเปอร์เรเตอร์บ้านเราก็ใช้วิธีนี้ คุณได้สิทธิ์นี้เฉพาะลูกค้าที่สมัคร WiFi แพ็คเกจเท่านั้น (ส่วนฟรี WiFi ต่างๆ น่าๆ ยังคง manual login) ส่วนวิธีมาตรฐานจะใช้เทคโนโลยี EAP-SIM (EAP-SIM RADIUS Server Authentication) ซึ่งปลอดภัยกว่า

ฟีเจอร์ cookie กับ mac-cookie ต่างกันอย่างไร?

cookie (คุกกี้)ครั้งแรกที่ล็อกอิน เว็บเบราว์เซอร์จะจดจำยูสเซอร์เนมและรหัสผ่านไว้ เมื่อเบราว์เซอร์ถูกปิด และในระบบเซสชั่นยังไม่ timeout (HTTP Cookie Lifetime) เมื่อมีการเปิดเว็บเบราว์เซอร์ขึ้นใหม่อีกครั้ง มันจะทำการล็อกอินให้อัตโนมัติ (ไม่ขึ้นหน้าต่างให้ล็อกอิน)

มันก็ล็อกอินอัตโนมัติแล้วทำไมต้องพึ่ง mac-cookie?

เมื่อเซสชั่น timeout เวลาเราเปิดแอพพลิเคชันต่างๆ เช่น Facebook, Play Store, YouTube หรือ Speed Test จะไม่สามารถเชื่อมต่อกับอินเทอร์เน็ตได้ เนื่องจากเรายังไม่ได้ล็อกอินเข้าสู้ระบบ ทำให้เกิดความไม่สะดวกตามมา เพราะว่าต้องไปเปิดเบราว์เซอร์ก่อนเพื่อล็อกอิน ถึงมาใช้งานแอพพลิเคชันที่ว่ามาได้ (แต่ถ้าเป็นอุปกรณ์ iOS จะ redirect ขึ้น pop-up ให้ล็อกอินเลย ส่วนเจ้า Android ต้องล็อกอินเอง)

mac-cookie ฟีเจอร์นี้ตอบโจทย์ได้ไหม?

ได้ครับ เมื่อ MAC cookie ยังไม่ timeout เช่น กำหนดค่า (mac-cookie-timeout) เท่ากับ 1 เดือน (หรือตลอดอายุของแพ็คเกจที่สมัครใช้งาน) ระบบก็จะจดจำยูสเซอร์เนมกับรหัสผ่านสำหรับ MAC address อุปกรณ์เครื่องนี้ไว้นาน 1 เดือน ซึ่งจะทำให้สะดวกยิ่งขึ้นเพราะไม่ต้องล็อกอิน หลังจากเชื่อมต่อ Wifi ได้ก็เปิดใช้แอพพลิเคชันต่างๆ ได้เลย (อาจจะทำเป็นแพ็คเกจ VIP ให้ลูกค้าได้อีกด้วยครับ)

What’s new in 6.0 (2013-May-17 14:04):

*) ipsec – added /peer passive option which will prevent starting ISAKMP negotiation
and signifies xauth responder/initiator side;
*) RouterBOARD – default wireless config now includes password – serial number;
*) lte – support YOTA WLTUBA-107;
*) console – fixed crash when variable name was not specified for
*) hotspot – added mac-cookie login method; (ล็อกอินอัตโนมัติด้วยวิธีการจดจำ MAC Address)
//wiki.mikrotik.com/wiki/Manual:Hotspot_Introduction#MAC_Cookie
*) lcd – show a message when system shutdown is complete;
*) lcd – added Log screen which is accessible through the Main Menu
and shows log messages where action=echo;
*) ipsec – added pre-shared-key-xauth and rsa-signature-hybrid authentication methods;
*) increased max l2mtu on CCR to 10226 bytes;
*) fixed crash on RB1200;
*) fixed bonding – did not work after remove, undo;
*) fixed queues – router could become unresponsive when configuring queues;

ดาวน์โหลด
MAC Cookie

MAC cookie is a new hotspot feature, designed to improve accessibility for smartphones, laptops and other mobile devices.

When MAC cookie feature is enabled (login-by=mac-cookie, add-mac-cookie=yes set in user profile), following actions are taken:

  • first successful login. Mac cookie keeps record of username and password for the MAC address if there is only one host with such MAC. Cookie timeout is set to value equal to mac-cookie-timeout.
  • new host appears. Hotspot checks if there is a mac cookie record for the MAC address and logs in host using recorded username and password. If there is more than one host with the same MAC address, user will not be logged in and MAC cookie record for this address will be deleted.
  • When user logs out mac cookie is removed in following cases:
    • user-request – user clicked on logout button.
    • admin-reset – disconnected from radius server or user is removed from hotspot active menu
    • nas-request – traffic limit reached
    • session-timeout
TaggedMikroTik

Cannot login to Joomla backend as admin

Skype 4.2 สำหรับลินุกซ์ออกแล้ว

4 thoughts on “RouterOS 6.0 ออกแล้ว เพิ่มฟีเจอร์ mac-cookie login (WiFi Hotspot ล็อกอินอัตโนมัติด้วยวิธีการจดจำ MAC Address)”

  1. sontaya
    July 20, 2013 at 9:01 pm

    What’s new in 6.1 (2013-Jun-12 11:50)
    ————————————-
    *) pptp, l2tp – fixed crash when tunnel mru was too big and fragmented ip packet
    was received;
    *) hotspot – fixed problem when after upgrade hotspot html directory was empty;
    *) ipv6 nd – dns dynamic-servers were not included in router advertisements;
    *) winbox – fixed problem Switch menu disappeared on RB2011;
    *) fixed memory amount issue on RB1100AHx2;
    *) console – ‘/import’ prints each command that is executed;
    *) console – ‘import’ has new argument ‘from-line’ that starts executing
    commands after specified line;
    *) secure api – fixed problem when wrong client ip address was reported;
    *) hotspot – fixed universal client;
    *) api – added support for API over TLS (SSL);
    *) api – api service is now enabled by default;
    *) ppp – do not show R flag for locally authenticated users;
    *) vrrp – fixed ah authentication;
    *) webfig – added support for RADIUS authentication (via MS-CHAPv2);
    *) ipsec – for peers with full IP address specified system will
    autostart ISAKMP SA negotiation;
    *) trafficgen – added inject-pcap command for replaying pcap files into network;
    *) dns – retry queries with tcp if truncated results received;
    *) improved queue statistics updating;
    *) fix 1G linking with some Cisco devices (affects RB7xx, RB9xx, RB1100, RB2011, CCR);

  2. SONTAYA
    August 2, 2013 at 11:02 pm

    RouterOS v6.2 released
    ======================

    What’s new in 6.2 (2013-Aug-02 10:37):

    *) console – added “on-error” argument to ‘:do’ command that is executed
    if command raises error;
    *) hotspot – fixed chap error after failed http-chap login (broken in v6.1);
    *) console – added new ‘:return’ command that interrupts execution of script
    and passes argument as return value if script was called as function;
    *) routerboot – fixed upgrade from RouterOS (could fail on some units);
    *) userman – fixed payment gateway response notify processing;
    *) console – resolved issue with ‘from-pool’ propery in ‘/ipv6 address’;
    *) console – array value syntax in expressions ‘{1;2;3;4}’ now can
    specify values with word keys as ‘{a=1;b=2}’;
    *) console – added ‘verbose’ argument to ‘/import’ command that enables
    line-by-line script import. By default import whole script at once
    and don’t print it, as it was in version 6.0;
    *) console – ‘:global’, ‘:local’ and ‘:set’ commands have new parameter ‘do’
    that allows assigning block of commands to the variable;
    *) console – global variables now are common to all users and are
    available to all users with at least “read,write,test,policy” policy;
    *) console – fixed parameter passing to scripts. Script parameters can
    be accessed without declaring them with ‘:local’ and ‘:global’ commands.
    For backwards compatibility global variables are first looked up in
    script parametrs;
    *) console – ‘$var 1 2 a=”a” b=”b”‘ syntax for passing parameters to commands
    stored in a variable. Parameters are accessed as ‘$1’ ‘$2’ ‘$a’ ‘$b’;
    *) ipsec – fixed peer address matching;
    *) ups – query smart ups capabilities before issuing any commands;
    *) improved CCR responsiveness on other interfaces when one interface is under attack;
    *) sms tool – added sim-pin setting;
    *) dhcp server – framed routes are now also added to the server routing table;
    *) dhcpv6 server – added binding-script option;
    *) proxy – allow multiple src-address for ipv4 and ipv6;
    *) eoip,gre tunnels could occasionally crash multicore router;
    *) fixed bug – sometimes some types of interfaces would stop working;
    *) ipsec sometimes could crash kernel on CCR;
    *) connection tracking sometimes could crash kernel on CCR;
    *) ppp,pptp,l2tp,sstp – added default-route-distance parameter;
    *) scep – “/cert scep ra” merged into “/cert scep client” without saving ra config;
    *) ipsec – fix phase1 autonegotiation on little endian platforms;
    *) pppoe server – allow service with empty service-name to accept all pppoe clients;
    *) lcd – current-screen option is replaced with “/lcd show” command
    *) lcd – current-interface option is replaced with “/lcd interface display” command
    *) graphing – make graphs stable on ppp & ovpn interfaces;
    *) www, hotspot – fixed problem when www service stopped responding on high load;
    *) winbox, webfig: allow to enter space in the text fields;
    *) webfig – fixed configuration of VPLS & routing filters;
    *) lcd – added option for enabling or disabling the touch screen;
    *) lcd – added options for screen switching;
    *) lcd – up to 10 non-physical interfaces can now be added to the lcd;
    *) lcd – all interface graph screen can now be customized from /lcd interface page;
    *) backup – changed default backup file name to –

    –.backup
    for file browsers to sort them properly;
    *) webfig – it did not work in Opera;
    *) webfig – made terminal work again;
    *) winbox – added ability to fully set up traffic generator in winbox;
    *) trafficgen – allow ranges for ip addrs and udp ports;
    *) trafficgen – add tcp header support;
    *) queue simple – fixed bug – actual queue order sometimes was wrong;
    *) queue simple – queue is not invalid when at least one of target interfaces is up;
    *) fixed crash when setting master-port on AR8327 switch chips;
    *) fixed addresslist – dynamic entries sometimes would still
    show up even afther being timed out;
    *) added /ip settings allow-hw-fast-path setting to control AR8327N hardware ipv4 fast path;
    *) vrrp – allow more than one vrrp on interface;

  3. Sontaya
    September 4, 2013 at 5:58 pm

    RouterOS v6.3 ออกแล้ว

    What’s new in 6.3 (2013-Sep-03 12:25):

    *) ssh – fixed denial of service;
    *) traceroute – show mpls labels as well;
    *) bug fix – sometimes some new interfaces could not be created properly any more (f.e. some pppoe clients could not connect);
    *) console – added ‘/console clear-history’ command that clears command-line
    history for all users, requires ‘policy’ policy;
    *) sstp – limit packet queue for each device;
    *) RB2011L – fixed occasional gigabit switch-chip lockup;
    *) user manager – will warn on 1MB and stop before reaching minimum of 500KB disk space;
    *) hotspot – do not account traffic to local hotspot pages;
    *) ppp, hotspot – added ability to specify where to insert rate limiting queue,
    it’s parent and type;
    *) pptp, l2tp, sstp – allow to specify server via dns name;
    *) dhcp – added ability to specify where to insert rate limiting queue;
    *) www proxy – support ipv6 parent proxy;
    *) webfig – fixed problem when opening quickset page country
    was automaticly changed to etsi;
    *) traceroute – added mtr like pinging;
    *) fix queues – correct queue was not installed when last child removed;
    *) fix simple queues – sometimes some simple queues would stop
    working after configuration changes;
    *) console – fixed issue with local variables having non-empty value
    before first assignment;
    *) console – fixed command “:global name” without second argument to not
    create or change global variable “name”, only effect is to make “name”
    refer to global variable.
    *) console – fixed passing local variables as argument to function;
    *) RB1200 – fixed crash when receiving over l2mtu size packets
    on some ethernet interfaces;

    New version is released: //www.mikrotik.com/download

  4. jong
    January 2, 2015 at 11:15 am

    ลองใช้งานแล้ว ก็ชอบครับฟีเจอร์นี้ แต่ผมงงว่าทำไมใน ตระกูล ipad iphone มันไม่ work ต้อง login โดยใส่ username password ทุกครั้งเลย งง ใน android windows ไม่เป็น หรือผม set ค่าอะไรไม่ถูก ผมใช้ version 6.24 ครับ

Leave a Reply Cancel reply

You must be logged in to post a comment.

Tag Cloud

3G Android Backup Blognone Chromecast Cloud Comparison CUPS Dell DNS Facebook Firefox Firewall Google Guitar Hacked HP Joomla LGP500 LibreOffice Linux Mozilla Firefox OpenOffice.org Open Source OpenStack openSUSE openSUSE11.3 openSUSE12.1 Peplink Performance Postfix Printer Samsung Security Storage SUSE SUSE Enterprise Desktop SUSE Enterprise Server SUSE Linux Enterprise Switch Thin client Tips VMware WordPress WordPress/SMF

Comments

  • Narupon Pattapat on การ cleaning the imaging unit หรือ Drum (Imaging Unit)
  • 76Rusty on แอพ aVia Media Player Pro และ Pocket Casts 4 อนาคตอาจรองรับ Chromecast
  • JindaTheme on CloudFlare คืออะไร?
  • viva3388 on CloudFlare คืออะไร?
  • SONTAYA on Linux Foundation T-Shirt มาแล้ว

Categories

  • Android (7)
  • Joomla (9)
  • LibreOffice/OpenOffice.org (16)
  • Linux (159)
  • Music (16)
  • News (55)
  • Office (55)
  • Online Marketing (3)
  • Personal (232)
  • VMware (5)
  • WordPress/SMF (20)

Archives

  • May 2019
  • March 2019
  • January 2019
  • December 2018
  • September 2018
  • August 2018
  • July 2018
  • April 2018
  • March 2018
  • January 2018
  • December 2017
  • June 2017
  • December 2016
  • November 2016
  • April 2016
  • March 2016
  • February 2016
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015
  • April 2015
  • February 2015
  • January 2015
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014
  • June 2014
  • May 2014
  • April 2014
  • March 2014
  • February 2014
  • December 2013
  • November 2013
  • October 2013
  • September 2013
  • August 2013
  • July 2013
  • June 2013
  • May 2013
  • April 2013
  • March 2013
  • February 2013
  • January 2013
  • December 2012
  • November 2012
  • October 2012
  • September 2012
  • August 2012
  • June 2012
  • May 2012
  • April 2012
  • March 2012
  • February 2012
  • December 2011
  • November 2011
  • October 2011
  • September 2011
  • August 2011
  • July 2011
  • June 2011
  • May 2011
  • April 2011
  • March 2011
  • February 2011
  • January 2011
  • December 2010
  • November 2010
  • October 2010
  • September 2010
  • August 2010
  • July 2010
  • June 2010
  • May 2010
  • April 2010
  • March 2010
  • February 2010
  • January 2010
  • December 2009

Archives

  • May 2019 (1)
  • March 2019 (1)
  • January 2019 (1)
  • December 2018 (1)
  • September 2018 (1)
  • August 2018 (3)
  • July 2018 (1)
  • April 2018 (1)
  • March 2018 (1)
  • January 2018 (2)
  • December 2017 (1)
  • June 2017 (3)
  • December 2016 (1)
  • November 2016 (1)
  • April 2016 (1)
  • March 2016 (2)
  • February 2016 (1)
  • September 2015 (3)
  • August 2015 (2)
  • July 2015 (7)
  • June 2015 (5)
  • May 2015 (1)
  • April 2015 (1)
  • February 2015 (2)
  • January 2015 (1)
  • November 2014 (3)
  • October 2014 (2)
  • September 2014 (2)
  • August 2014 (1)
  • July 2014 (3)
  • June 2014 (3)
  • May 2014 (2)
  • April 2014 (5)
  • March 2014 (2)
  • February 2014 (5)
  • December 2013 (3)
  • November 2013 (15)
  • October 2013 (15)
  • September 2013 (11)
  • August 2013 (9)
  • July 2013 (26)
  • June 2013 (7)
  • May 2013 (15)
  • April 2013 (6)
  • March 2013 (5)
  • February 2013 (4)
  • January 2013 (2)
  • December 2012 (9)
  • November 2012 (2)
  • October 2012 (4)
  • September 2012 (2)
  • August 2012 (4)
  • June 2012 (3)
  • May 2012 (4)
  • April 2012 (6)
  • March 2012 (14)
  • February 2012 (9)
  • December 2011 (8)
  • November 2011 (6)
  • October 2011 (13)
  • September 2011 (7)
  • August 2011 (10)
  • July 2011 (4)
  • June 2011 (12)
  • May 2011 (26)
  • April 2011 (6)
  • March 2011 (3)
  • February 2011 (4)
  • January 2011 (10)
  • December 2010 (6)
  • November 2010 (4)
  • October 2010 (5)
  • September 2010 (10)
  • August 2010 (5)
  • July 2010 (8)
  • June 2010 (6)
  • May 2010 (4)
  • April 2010 (9)
  • March 2010 (10)
  • February 2010 (8)
  • January 2010 (21)
  • December 2009 (28)
Proudly powered by WordPress | Theme: Showme by NEThemes.