10 cusstomers on LAN each one with his own real IP
on RB there is Web proxy enabled on port 8080
on RB in Firewall / Nat / I make a redirect rule for all traffic of the users with the destionation port 80 … to be redirect on port 8080 on Internal IP of the RB. Basically I force all http traffic of the users to pass trought Web Proxy Cache of RB.
Now the big big question is … how can I except a site … from this Redirect Rule … ? Per example the On Line Movies sites .. do not like to see multiple requests caming from same IP … and right now … if a person is watching a movie online … others can not visit the same site (because all the HTTP request are done from the RB WAN IP) … and because of this issue I want to exclude the site from the Web proxy and for accesing this site .. everyone to work on behalf of his own real IP…
I try Every combination … make new rule, placed on top … etc etc .. but seems not work … as long as Redirect Rule is enabled … looks I can not exclude one site from that rule.
unfortunatly your sugenstion looks NOT BE the sollution I’m looking for.
you propose me a sort of details about cache management. I want that HTTP requests do not even ENTER into WEB PROXY service for some certain sites (I have a list).
Per example right now I have following setup:
location of settings: IP / Firewall / NAT
Chain: dstnat
Src Adress: users subnet (real ip’s)
Protocol: 6 (tcp)
Dst. port: 80
In interface: eth2-lan
Action: redirect
to ports: 8080
this settings redirect all users HTTP requests to WEB CACHE service port 8080 .. witch have setup PARENT.
so basically all the users browse from the IP OF THE PARENT PROXY.
in this way the users can not see www.vplay.ro, www.serialepenet.ro and others.
if I make a new rule placed on top of the existing one … something like this:
Chain: dstnat
src adreess: single user IP
protocol: 6 (tcp)
dst port: 80
in interface: eth2-lan
Action: accept
this rule will allow the user to acces www on HTTP .. all the time whithout being redirected … never
I want that user to be redirected everytime he browse …but NOT BEING redirected when he browse some certain sites. I want that for this sites … his URL Request not even enter into WEB PROXY service, in order to can browse using his real ip.
I do not found any sollution from my problem. I’m look forward for every sollution might be. I need to find a way to exclude a site … from .. http Redirect.
since 1.5 years I can not find anyone to make that sprits for money. And Mikrotik Support keep giving advices but not making the job for money. It is UNBELIVABLE !
This example is for clarity. we are talking about more routers in total.
We have a website who contain a list of websites who is desired to be accessed without proxy redirect.
per example http://www.egal.ro/noproxy.txt
We have RB750, 750UP, 453, 493 and we use to Redirect HTTP traffic in LOCAL Web Proxy who have setup as parent a bigger proxy cluster IP.
We would like to have a Rule in IP / Firewall / NAT who allow the users to access the sites specified in TXT file .. directly .. without going trough Local proxy.
in order to do this the RB should take the file from Web Site … execute nslookup comands and create his own file with IP. after this all this IP should belong to a list and this should be specified in first rule in Firewall / NAT … and that’s will be all !
Giving solutions to an 8 year old topic, now that’s something.
In those 8 years HTTPS got everywhere so this is kinda completly useless anyway.
But congrats for finding this old topic!