Setting Internal Web-Proxy Mikrotik

Berikut adalah konfigurasi Web-Proxy pada Mikrotik.
Dalam hal ini saya menggunakan Mikrotik V.3.20
Anda copy-paste source berikut pada new terminal winbox namun sebelumnya sesuaikan
dulu penggunaan IP Public dan IP Local.
Selamat Mencoba.

Basic Setup

admin@instaler] > in pr
#    NAME       TYPE    RX-RATE    TX-RATE    MTU 
0  R public     ether   0          0          1500
1  R lan        wlan    0          0          1500

[admin@instaler] > ip ad pr
Flags: X - disabled, I - invalid, D - dynamic 
#  ADDRESS           NETWORK      BROADCAST      INTERFACE
0  192.168.0.217/24  192.168.0.0  192.168.0.255  public   
1  172.21.1.1/24     172.21.1.0   172.21.1.255   lan

[admin@instaler] > ip proxy pr
                    enabled: yes
                src-address: 0.0.0.0
                       port: 3128
               parent-proxy: 0.0.0.0
          parent-proxy-port: 0
                cache-drive: system
        cache-administrator: "webmaster"
             max-cache-size: none
              cache-on-disk: yes
maximal-client-connections: 600
maximal-server-connections: 600
             max-fresh-time: 3d
      serialize-connections: yes
             cache-hit-dscp: 4
 

Firewall NAT

[admin@instaler] ip firewall nat> pr
Flags: X - disabled, I - invalid, D - dynamic 
0   chain=srcnat out-interface=public 
    src-address=172.21.1.0/24 action=masquerade 
1   chain=dstnat in-interface=lan src-address=172.21.1.0/24 
    protocol=tcp dst-port=80 action=redirect to-ports=3128
 
Mangle Setup
 [admin@instaler] > ip firewall mangle printFlags: X - disabled, I - invalid, D - dynamic

0   ;;; HIT TRAFFIC FROM PROXY    chain=output out-interface=lan    dscp=4 action=mark-packet     new-packet-mark=proxy-hit passthrough=no   






   


[admin@instaler] > ip firewall mangle print
Flags: X - disabled, I - invalid, D - dynamic

1   ;;; UP TRAFFIC    chain=prerouting in-interface=lan     src-address=172.21.1.0/24 action=mark-packet     new-packet-mark=test-up passthrough=no 

2   ;;; CONN-MARK    chain=forward src-address=172.21.1.0/24     action=mark-connection     new-connection-mark=test-conn passthrough=yes 

3   ;;; DOWN-DIRECT CONNECTION    chain=forward in-interface=public     connection-mark=test-conn action=mark-packet     new-packet-mark=test-down passthrough=no 

4   ;;; DOWN-VIA PROXY    chain=output out-interface=lan     dst-address=172.21.1.0/24 action=mark-packet     new-packet-mark=test-down passthrough=no


 
Queue Tree Setup
[admin@instaler] > queue tree prFlags: X - disabled, I - invalid

0  name="downstream" parent=lan packet-mark=test-down     limit-at=32000 queue=default priority=8     max-limit=32000 burst-limit=0     burst-threshold=0 burst-time=0s 

1  name="upstream" parent=global-in     packet-mark=test-up limit-at=32000     queue=default priority=8     max-limit=32000 burst-limit=0     burst-threshold=0 burst-time=0s


 










Diposting oleh



































Tidak ada komentar:















Posting Komentar


















        

      









Langganan:
Posting Komentar (Atom)