{"id":645,"date":"2015-08-07T10:05:18","date_gmt":"2015-08-07T13:05:18","guid":{"rendered":"http:\/\/www.tech-nico.com\/blog\/?p=645"},"modified":"2015-08-07T10:05:59","modified_gmt":"2015-08-07T13:05:59","slug":"script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall","status":"publish","type":"post","link":"https:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/","title":{"rendered":"Script Mikrotik para bloquear dispositivos moviles en Firewall"},"content":{"rendered":"<div id=\"advads-1964686362\" class=\"advads-antes-de-contenido advads-entity-placement\" style=\"float: left;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-0513087877342686\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block; text-align:center;\" data-ad-client=\"ca-pub-0513087877342686\" \ndata-ad-slot=\"6331524197\" \ndata-ad-layout=\"in-article\"\ndata-ad-format=\"fluid\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div><br style=\"clear: both; display: block; float: none;\"\/><p><strong>Bloqueando Celulares desde Mikrotik con Firewall (Efectividad 80%)<\/strong><\/p><div id=\"advads-3526193154\" class=\"advads-contenido-de-la-entrada advads-entity-placement\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-0513087877342686\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block; text-align:center;\" data-ad-client=\"ca-pub-0513087877342686\" \ndata-ad-slot=\"6331524197\" \ndata-ad-layout=\"in-article\"\ndata-ad-format=\"fluid\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n<p>NOTA: Esta es la version para filtrar por firewall, tambien <a href=\"http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-bridge-muy-efectivo\/\">podes filtrar en bridge filter<\/a> o\u00a0bloquear<a href=\"http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-con-dhcp\/\"> directamente en dhcp-server<\/a>.<\/p>\n<p>Me toco en un colegio tener que dejar sin navegaci\u00f3n\u00a0a los celulares.\u00a0En este caso opte por armar un script que recorra la lista de Leases del DHCP Server y filtre a los hosts llamados \u00abAndroid\u00bb o \u00abWindows Phone\u00bb, \u00abBlackberry\u00bb.\u00a0Con lo cual podr\u00edamos estar filtrando la mayor\u00eda de los dispositivos. Creo que se van a escapar los tel\u00e9fonos chinos que suelen venir con sistemas operativos bastante raros. Con esto he quitado de circulaci\u00f3n unos 50\u00a0dispositivos en el primer dia. No solo me ha bajado el consumo del CPU del RB 2011 si no que ademas ha mejorado mucho el rendimiento del ancho de banda ya que los celulares est\u00e1n todo el tiempo bajando actualizaciones, hasta incluso estando en el bolsillo del pantal\u00f3n. <em><span style=\"color: #808080;\">Quizas te interese saber<\/span> <a href=\"http:\/\/www.tech-nico.com\/blog\/mikrotik-bloquear-actualizaciones-de-android-en-firewall\/\">como bloquear las actualizaciones de android<\/a>.<\/em><\/p>\n<p><strong>\u00bfComo los bloqueamos?<\/strong><\/p>\n<p>Cuando abrimos la lista de Leases en \u00abIP &#8212; DHCP-Server\u00bb veremos un listado de todas las IP dinamicas entregadas en la red. Uno de los campos es \u00abHOST-NAME\u00bb. Ese es el que nos interesa.\u00a0Vean la imagen:<\/p>\n<p><a href=\"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/03\/leases-cossettini.png\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-586\" src=\"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/03\/leases-cossettini.png?resize=418%2C482\" alt=\"leases cossettini\" width=\"418\" height=\"482\" srcset=\"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/03\/leases-cossettini.png?w=418&amp;ssl=1 418w, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/03\/leases-cossettini.png?resize=260%2C300&amp;ssl=1 260w\" sizes=\"auto, (max-width: 418px) 100vw, 418px\" \/><\/a><\/p>\n<p>Lista de nombres de mobiles a filtrar: \u00a0(que yo detecte y filtre) (AMPLIAREMOS)<\/p>\n<ul>\n<li>android-8d0a00d6eddf7787<\/li>\n<li>Android_356434048181508<\/li>\n<li>Windows-Phone<\/li>\n<li>BLACKBERRY-8A8D<\/li>\n<li>\u00a0(nombre en blanco)<\/li>\n<\/ul>\n<p>Entonces esto es lo que vamos a usar para detectarlos.<br \/>\nEl primero y segundo, \u00abandroid, Android\u00bb estan porque con mikrotik scripting no encontr\u00e9 un comando para hacer Upper o Lower Case de los caracteres.\u00a0BLACKBERRY me aparece 2 veces en mayusculas (en otro router) asi que por ahora lo mantendremos asi. Y buscando en los mac-address vendors pude descubrir que muchos de los dispositivos celulares que vienen con el Host-Name en blanco son Samsung, Nokia, etc. Por lo que opte por dropearlos y cuando mucho, si es una laptop&#8230; \u00abque le ponga el nombre de equipo\u00bb. jeje.<\/p>\n<p><strong>Vamos a lo nuestro:<\/strong><br \/>\nPara que el script funcione, <em>debemos configurarle<\/em> el nombre de nuestro DHCP-Server y ademas el nombre de la interfaz de tu LAN en el cual vamos a filtrar (Son las primeras 2 variables). Esta parte es interesante porque si tambien es tu caso, puede ser que en el mismo equipo tengas mas de un DHCP Server o mas de 1 LAN, (una red\u00a0para directivos y otro para alumnos). Por lo tanto, si esto no seria seteable, estar\u00edamos quit\u00e1ndote navegaci\u00f3n a TODOS, y no queremos que los directivos se enojen porque no pueden revisar el facebook en su android. :D.<\/p>\n<p>Muy bien el script recoje los mac-adddress de este listado (leases), y si coinciden con alguno de los nombres que dijimos, <em><strong>se filtra autom\u00e1ticamente sin retorno<\/strong><\/em>.<br \/>\nY digo sin retorno porque si ya lo filtro, por mas que cambie el hostname YA ESTA!!!.<br \/>\nLo bueno de este script es que estamos filtrando por MAC-Address en el Bridge, cosa que resulta MUY Efectiva.<\/p>\n<p>La linea que dice:<\/p>\n<pre>($phoneNAME=\"androi\") || ($phoneNAME=\"Window\")<\/pre>\n<p>Esta tomando los primeros 6 caracteres del hostname. Entonces podr\u00edamos seguir agregando nombres de dispositivos seteados de fabrica\u00a0con un nombre por default.\u00a0Ejemplo: \u00abIphone\u00bb \u00a0 &#8212; \u00a0justo 6. \u00a0Que yo estimo, \u00abrara vez se modifica\u00bb..<\/p>\n<p><strong>Frecuencia de ejecucion del script y leases dhcp:<\/strong><br \/>\nLo tengo seteado en el Scheduler cada 10 minutos, Cosa que por mas que el \u00abLease dhcp\u00bb quede activo, ese dispositivo ya no navega. Lo que pueden hacer es setear los Leases del DHCP en 10 minutos (menos tiempo), o bien agregarle al script que tambien patee el lease. Pero ya no es necesario&#8230; cuando caduca su tiempo, ya no vuelve a aparecer mas.<\/p>\n<pre class=\"brush: php; title: ; notranslate\" title=\"\">\r\n# # SCRIPT: FILTRAR CELULARES EN FIREWALL (SIN BRIDGE)\r\n\r\n:local DHCPSERVER &quot;dhcp_alumnos&quot;;\r\n:local INTERFACEFILTER &quot;bridge-alumnos&quot;;\r\n\r\n# # AUTOR: NICOLAS DAITSCH\r\n# # www.tech-nico.com\r\n\r\n:foreach i in=&#x5B;\/ip dhcp-server lease find dynamic=yes active-server=$DHCPSERVER]  do={\r\n   :local DhcpDynIP &#x5B;\/ip dhcp-server lease get $i address];\r\n   :local DhcpDynMAC &#x5B;\/ip dhcp-server lease get $i mac-address];\r\n   :local DhcpDynHOST &#x5B;\/ip dhcp-server lease get $i host-name];\r\n   :local IfMacExist &#x5B;\/ip firewall filter find src-mac-address=&quot;$DhcpDynMAC&quot;];\r\n   :local phoneNAME &#x5B;:pick $DhcpDynHOST 0 6];\r\n\r\n    :if ( ($phoneNAME=&quot;androi&quot;) || ($phoneNAME=&quot;Window&quot;) || ($phoneNAME=&quot;Androi&quot;)  || ($phoneNAME=&quot;BLACKB&quot;) || (&#x5B;:len $DhcpDynHOST]=0) ) do={\r\n          :if ($IfMacExist != &quot;&quot;) do={\r\n#               :log error (&quot;Filtrando telefono... &quot;.$DhcpDynMAC. &quot; Ya existe&quot;)\r\n          } else= {\r\n               \/ip firewall filter add action=drop chain=input in-interface=$INTERFACEFILTER src-mac-address=&quot;$DhcpDynMAC&quot; comment=$DhcpDynHOST;\r\n                 :log warning (&quot;Se filtro un nuevo dispositivo &quot; . $phoneNAME . &quot; MAC: &quot; .  $DhcpDynMAC);\r\n          }\r\n     }\r\n}\r\n<\/pre>\n<p>Saludos! ! ! .<\/p>\n<p>________________________<br \/>\nEste post se escribio primero en\u00a0<a href=\"http:\/\/www.tech-nico.com\">Tech-nico.com<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Bloqueando Celulares desde Mikrotik con Firewall (Efectividad 80%) NOTA: Esta es la version para filtrar por firewall, tambien podes filtrar en bridge filter o\u00a0bloquear directamente en dhcp-server. Me toco en un colegio tener que dejar sin navegaci\u00f3n\u00a0a los celulares.\u00a0En este &hellip; <a href=\"https:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/\">Sigue leyendo <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":3,"featured_media":600,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[32,73],"tags":[48],"class_list":["post-645","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-programacion","category-scripts","tag-mikrotik"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Script Mikrotik para bloquear dispositivos moviles en Firewall &#183; Tech-nico.com<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/\" \/>\n<meta property=\"og:locale\" content=\"es_ES\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Script Mikrotik para bloquear dispositivos moviles en Firewall &#183; Tech-nico.com\" \/>\n<meta property=\"og:description\" content=\"Bloqueando Celulares desde Mikrotik con Firewall (Efectividad 80%) NOTA: Esta es la version para filtrar por firewall, tambien podes filtrar en bridge filter o\u00a0bloquear directamente en dhcp-server. Me toco en un colegio tener que dejar sin navegaci\u00f3n\u00a0a los celulares.\u00a0En este &hellip; Sigue leyendo &rarr;\" \/>\n<meta property=\"og:url\" content=\"http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/\" \/>\n<meta property=\"og:site_name\" content=\"Tech-nico.com\" \/>\n<meta property=\"article:publisher\" content=\"http:\/\/www.facebook.com\/pages\/Tech-nico\/112469155508017\" \/>\n<meta property=\"article:published_time\" content=\"2015-08-07T13:05:18+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2015-08-07T13:05:59+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1650%2C1400\" \/>\n\t<meta property=\"og:image:width\" content=\"1650\" \/>\n\t<meta property=\"og:image:height\" content=\"1400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"soporte\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@nicolpo\" \/>\n<meta name=\"twitter:site\" content=\"@nicolpo\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"soporte\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tiempo de lectura\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\\\/#article\",\"isPartOf\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\\\/\"},\"author\":{\"name\":\"soporte\",\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/#\\\/schema\\\/person\\\/fbfacdf16e18b339cd034c484e312274\"},\"headline\":\"Script Mikrotik para bloquear dispositivos moviles en Firewall\",\"datePublished\":\"2015-08-07T13:05:18+00:00\",\"dateModified\":\"2015-08-07T13:05:59+00:00\",\"mainEntityOfPage\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\\\/\"},\"wordCount\":765,\"commentCount\":5,\"publisher\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/www.tech-nico.com\\\/blog\\\/wp-content\\\/uploads\\\/2015\\\/05\\\/logo_tech_nico.com_.jpg?fit=1650%2C1400&ssl=1\",\"keywords\":[\"mikrotik\"],\"articleSection\":[\"Programaci\u00f3n\",\"scripts\"],\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\\\/\",\"url\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\\\/\",\"name\":\"Script Mikrotik para bloquear dispositivos moviles en Firewall &#183; Tech-nico.com\",\"isPartOf\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\\\/#primaryimage\"},\"image\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/www.tech-nico.com\\\/blog\\\/wp-content\\\/uploads\\\/2015\\\/05\\\/logo_tech_nico.com_.jpg?fit=1650%2C1400&ssl=1\",\"datePublished\":\"2015-08-07T13:05:18+00:00\",\"dateModified\":\"2015-08-07T13:05:59+00:00\",\"breadcrumb\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\\\/#breadcrumb\"},\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/www.tech-nico.com\\\/blog\\\/wp-content\\\/uploads\\\/2015\\\/05\\\/logo_tech_nico.com_.jpg?fit=1650%2C1400&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/www.tech-nico.com\\\/blog\\\/wp-content\\\/uploads\\\/2015\\\/05\\\/logo_tech_nico.com_.jpg?fit=1650%2C1400&ssl=1\",\"width\":1650,\"height\":1400},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Portada\",\"item\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Script Mikrotik para bloquear dispositivos moviles en Firewall\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/#website\",\"url\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/\",\"name\":\"Tech-nico.com\",\"description\":\"Mikrotik \\\/ Ubiquiti \\\/ Programacion \\\/ Seguridad\",\"publisher\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"es\"},{\"@type\":\"Organization\",\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/#organization\",\"name\":\"Tech-Nico.com\",\"url\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i1.wp.com\\\/www.tech-nico.com\\\/blog\\\/wp-content\\\/uploads\\\/2015\\\/05\\\/logo_tech_nico.com_.jpg?fit=1650%2C1400\",\"contentUrl\":\"https:\\\/\\\/i1.wp.com\\\/www.tech-nico.com\\\/blog\\\/wp-content\\\/uploads\\\/2015\\\/05\\\/logo_tech_nico.com_.jpg?fit=1650%2C1400\",\"width\":1650,\"height\":1400,\"caption\":\"Tech-Nico.com\"},\"image\":{\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"http:\\\/\\\/www.facebook.com\\\/pages\\\/Tech-nico\\\/112469155508017\",\"https:\\\/\\\/x.com\\\/nicolpo\"]},{\"@type\":\"Person\",\"@id\":\"http:\\\/\\\/www.tech-nico.com\\\/blog\\\/#\\\/schema\\\/person\\\/fbfacdf16e18b339cd034c484e312274\",\"name\":\"soporte\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/24a22b421037d7d81f3d80abc24dbea53e828637156a03dbd1b768154f81b368?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/24a22b421037d7d81f3d80abc24dbea53e828637156a03dbd1b768154f81b368?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/24a22b421037d7d81f3d80abc24dbea53e828637156a03dbd1b768154f81b368?s=96&d=mm&r=g\",\"caption\":\"soporte\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Script Mikrotik para bloquear dispositivos moviles en Firewall &#183; Tech-nico.com","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/","og_locale":"es_ES","og_type":"article","og_title":"Script Mikrotik para bloquear dispositivos moviles en Firewall &#183; Tech-nico.com","og_description":"Bloqueando Celulares desde Mikrotik con Firewall (Efectividad 80%) NOTA: Esta es la version para filtrar por firewall, tambien podes filtrar en bridge filter o\u00a0bloquear directamente en dhcp-server. Me toco en un colegio tener que dejar sin navegaci\u00f3n\u00a0a los celulares.\u00a0En este &hellip; Sigue leyendo &rarr;","og_url":"http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/","og_site_name":"Tech-nico.com","article_publisher":"http:\/\/www.facebook.com\/pages\/Tech-nico\/112469155508017","article_published_time":"2015-08-07T13:05:18+00:00","article_modified_time":"2015-08-07T13:05:59+00:00","og_image":[{"width":1650,"height":1400,"url":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1650%2C1400","type":"image\/jpeg"}],"author":"soporte","twitter_card":"summary_large_image","twitter_creator":"@nicolpo","twitter_site":"@nicolpo","twitter_misc":{"Escrito por":"soporte","Tiempo de lectura":"4 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/#article","isPartOf":{"@id":"http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/"},"author":{"name":"soporte","@id":"http:\/\/www.tech-nico.com\/blog\/#\/schema\/person\/fbfacdf16e18b339cd034c484e312274"},"headline":"Script Mikrotik para bloquear dispositivos moviles en Firewall","datePublished":"2015-08-07T13:05:18+00:00","dateModified":"2015-08-07T13:05:59+00:00","mainEntityOfPage":{"@id":"http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/"},"wordCount":765,"commentCount":5,"publisher":{"@id":"http:\/\/www.tech-nico.com\/blog\/#organization"},"image":{"@id":"http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1650%2C1400&ssl=1","keywords":["mikrotik"],"articleSection":["Programaci\u00f3n","scripts"],"inLanguage":"es","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/#respond"]}]},{"@type":"WebPage","@id":"http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/","url":"http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/","name":"Script Mikrotik para bloquear dispositivos moviles en Firewall &#183; Tech-nico.com","isPartOf":{"@id":"http:\/\/www.tech-nico.com\/blog\/#website"},"primaryImageOfPage":{"@id":"http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/#primaryimage"},"image":{"@id":"http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1650%2C1400&ssl=1","datePublished":"2015-08-07T13:05:18+00:00","dateModified":"2015-08-07T13:05:59+00:00","breadcrumb":{"@id":"http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/#breadcrumb"},"inLanguage":"es","potentialAction":[{"@type":"ReadAction","target":["http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/"]}]},{"@type":"ImageObject","inLanguage":"es","@id":"http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/#primaryimage","url":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1650%2C1400&ssl=1","contentUrl":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1650%2C1400&ssl=1","width":1650,"height":1400},{"@type":"BreadcrumbList","@id":"http:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-firewall\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Portada","item":"http:\/\/www.tech-nico.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Script Mikrotik para bloquear dispositivos moviles en Firewall"}]},{"@type":"WebSite","@id":"http:\/\/www.tech-nico.com\/blog\/#website","url":"http:\/\/www.tech-nico.com\/blog\/","name":"Tech-nico.com","description":"Mikrotik \/ Ubiquiti \/ Programacion \/ Seguridad","publisher":{"@id":"http:\/\/www.tech-nico.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/www.tech-nico.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"es"},{"@type":"Organization","@id":"http:\/\/www.tech-nico.com\/blog\/#organization","name":"Tech-Nico.com","url":"http:\/\/www.tech-nico.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"es","@id":"http:\/\/www.tech-nico.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/i1.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1650%2C1400","contentUrl":"https:\/\/i1.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1650%2C1400","width":1650,"height":1400,"caption":"Tech-Nico.com"},"image":{"@id":"http:\/\/www.tech-nico.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["http:\/\/www.facebook.com\/pages\/Tech-nico\/112469155508017","https:\/\/x.com\/nicolpo"]},{"@type":"Person","@id":"http:\/\/www.tech-nico.com\/blog\/#\/schema\/person\/fbfacdf16e18b339cd034c484e312274","name":"soporte","image":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/secure.gravatar.com\/avatar\/24a22b421037d7d81f3d80abc24dbea53e828637156a03dbd1b768154f81b368?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/24a22b421037d7d81f3d80abc24dbea53e828637156a03dbd1b768154f81b368?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/24a22b421037d7d81f3d80abc24dbea53e828637156a03dbd1b768154f81b368?s=96&d=mm&r=g","caption":"soporte"}}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1650%2C1400&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/phA9Q-ap","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":641,"url":"https:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-con-dhcp\/","url_meta":{"origin":645,"position":0},"title":"Script Mikrotik para bloquear dispositivos m\u00f3viles con DHCP","author":"soporte","date":"julio 31, 2015","format":false,"excerpt":"El script nacio por un\u00a0comentario de nuestro colaborador \"Felix Serrato\" que NO\u00a0vio la necesidad de bloquear los dispositivos celulares usando firewall o bridge filter. Es decir, bloquearlos directamente en los \"leases\" del dhcp-server y ademas que el board Mikrotik\u00a0utilice\u00a0menos recursos (si es que hay muchos dispositivos para\u00a0bloquear en tu red).\u2026","rel":"","context":"En \u00abProgramaci\u00f3n\u00bb","block_context":{"text":"Programaci\u00f3n","link":"https:\/\/www.tech-nico.com\/blog\/category\/programacion\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":699,"url":"https:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-limitar-dispositivos-moviles-con-dhcp-con-queues-dinamicas\/","url_meta":{"origin":645,"position":1},"title":"Script Mikrotik para LIMITAR dispositivos m\u00f3viles con DHCP con QUEUEs Dinamicas","author":"soporte","date":"agosto 4, 2016","format":false,"excerpt":"Bloquear \/ Limitar En las 3 versiones\u00a0anteriores de este script podiamos \"bloquear\" un dispositivo movil tanto por DHCP como en el firewall del Bridge (capa 2) y en firewall capa 3. Tal vez te interesen los scripts anteriores: Version 1: Filtrar en Bridge Filter Version 2: Filtrar en Firewall Filter\u2026","rel":"","context":"En \u00abProgramaci\u00f3n\u00bb","block_context":{"text":"Programaci\u00f3n","link":"https:\/\/www.tech-nico.com\/blog\/category\/programacion\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2016\/08\/Ookla_Speedtest_HTML5.0.0.png?fit=1200%2C801&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2016\/08\/Ookla_Speedtest_HTML5.0.0.png?fit=1200%2C801&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2016\/08\/Ookla_Speedtest_HTML5.0.0.png?fit=1200%2C801&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2016\/08\/Ookla_Speedtest_HTML5.0.0.png?fit=1200%2C801&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2016\/08\/Ookla_Speedtest_HTML5.0.0.png?fit=1200%2C801&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":582,"url":"https:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-bloquear-dispositivos-moviles-en-bridge-muy-efectivo\/","url_meta":{"origin":645,"position":2},"title":"[Actualizado] Script Mikrotik para bloquear dispositivos m\u00f3viles en bridge &#8211; Muy Efectivo!","author":"soporte","date":"marzo 20, 2016","format":false,"excerpt":"Bloqueando Celulares desde Mikrotik con Bridge filter (Efectividad 80%) NOTA: Esta es la version para filtrar por bridge, tambien podes filtrar en firewall\u00a0o\u00a0bloquear directamente en dhcp-server. Me toco en un colegio tener que dejar sin navegaci\u00f3n\u00a0a los celulares.\u00a0En este caso opte por armar un script que recorra la lista de\u2026","rel":"","context":"En \u00abProgramaci\u00f3n\u00bb","block_context":{"text":"Programaci\u00f3n","link":"https:\/\/www.tech-nico.com\/blog\/category\/programacion\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":576,"url":"https:\/\/www.tech-nico.com\/blog\/script-mikrotik-para-patear-un-cliente-registrado-con-mala-senal\/","url_meta":{"origin":645,"position":3},"title":"Script Mikrotik para patear un cliente registrado con mala se\u00f1al","author":"soporte","date":"marzo 4, 2015","format":false,"excerpt":"Hola amigos, bueno, este script no es muy nuevo que digamos. Pero lo voy a postear porque le hice un agregado para mi gusto bastante importante. En este caso, se trata de un routerboard 2011 con Wifi, y va a instalarse en un colegio.\u00a0Como hay muchos celulares y netbooks, la\u2026","rel":"","context":"En \u00abProgramaci\u00f3n\u00bb","block_context":{"text":"Programaci\u00f3n","link":"https:\/\/www.tech-nico.com\/blog\/category\/programacion\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":1092,"url":"https:\/\/www.tech-nico.com\/blog\/mikrotik-script-para-bloquear-intentos-de-login\/","url_meta":{"origin":645,"position":4},"title":"Mikrotik Script para bloquear intentos de login","author":"soporte","date":"julio 18, 2023","format":false,"excerpt":"Leyendo en el foro de mikrotik me encontre con este script que monitorea el log en busca errores , Y bloquea en base a la cantidad de intentos de acceso. Lo interesante es que podemos configurarlo para detectar distintos tipos de acceso. Por ejemplo los famosos intentos de acceso por\u2026","rel":"","context":"En \u00abmikrotik\u00bb","block_context":{"text":"mikrotik","link":"https:\/\/www.tech-nico.com\/blog\/category\/mikrotik\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":590,"url":"https:\/\/www.tech-nico.com\/blog\/mikrotik-bloquear-actualizaciones-de-android-en-firewall\/","url_meta":{"origin":645,"position":5},"title":"Mikrotik bloquear actualizaciones de Android en firewall","author":"soporte","date":"abril 22, 2015","format":false,"excerpt":"Estoy implementando algunas reglas para mejorar el ancho de banda de un colegio. Esta me parece una muy buena practica. Aqu\u00ed la dejamos anotada por si acaso. Ir a la consola y ejecutar esto. [php] \/ip firewall filter add action=drop chain=forward port=5228 protocol=tcp \/ip firewall filter add action=drop chain=forward port=5228\u2026","rel":"","context":"En \u00abProgramaci\u00f3n\u00bb","block_context":{"text":"Programaci\u00f3n","link":"https:\/\/www.tech-nico.com\/blog\/category\/programacion\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.tech-nico.com\/blog\/wp-content\/uploads\/2015\/05\/logo_tech_nico.com_.jpg?fit=1200%2C1018&ssl=1&resize=1050%2C600 3x"},"classes":[]}],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/posts\/645","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/comments?post=645"}],"version-history":[{"count":1,"href":"https:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/posts\/645\/revisions"}],"predecessor-version":[{"id":646,"href":"https:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/posts\/645\/revisions\/646"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/media\/600"}],"wp:attachment":[{"href":"https:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/media?parent=645"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/categories?post=645"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tech-nico.com\/blog\/wp-json\/wp\/v2\/tags?post=645"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}