Logging URL request for certain IP addresses

Good day,

Can someone help send me in the right direction?

I want to set up a few rules for certain IPs on our network and I want to log every site that they go on. Recently we had an employee that just sat on Facebook all day and did no work, but we had no proof. So now I want to put some rules in place to track the usage of our employees so that if we one day have a dispute again we can show them.

Can I do it in proxy?

Or do I have to add firewall rules?

I just have a normal NAT masquerade router setup.

Thanks.

Bump. I’m looking for the same thing.

Basically you need to use a proxy for these specific IP addresses and to have the proxy log all HTTP requests. You can use the built-in proxy server of the MikroTik, but you may want to look into a more capable proxy that you can use transparently.

http://wiki.mikrotik.com/wiki/Manual:IP/Proxy

You can set up the MikroTik as a transparent proxy, but it only works with HTTP, no HTTPS or anything else. If your end users have admin rights to their PCs they can obviously change their proxy settings if they want to as well, so a NAT rule may be the way for you to go.

To use a separate box as a proxy transparently:

1.) For the cleanest and easiest install, put the proxy on a separate routed interface with a different subnet.
2.) Set up a dst-nat rule that will redirect all requests from given IP addresses to the proxy server.

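# Address list of the clients to monitor
/ip firewall address-list
add address=192.168.50.10 list="Monitor User"
# Redirect only their HTTP traffic (TCP port 80) to the proxy
/ip firewall nat
add action=dst-nat chain=dstnat protocol=tcp dst-port=80 src-address-list="Monitor User" to-addresses=IP_OF_PROXY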

3.) Set up the proxy server to log all requests
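
An added example, not part of the thread: once the proxy from step 3 is logging, a short script can turn the log into a per-address list of sites visited. It assumes the separate proxy is Squid writing its native access.log format (the thread names no product); the sample lines and the `summarize` helper are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime, timezone
from urllib.parse import urlsplit

# Assumption: same client as the "Monitor User" address list in the post.
MONITORED = {"192.168.50.10"}

# Constructed sample in Squid's native access.log format (not real traffic).
SAMPLE_LOG = """\
1700000000.123    120 192.168.50.10 TCP_MISS/200 5120 GET http://www.facebook.com/home.php - HIER_DIRECT/203.0.113.10 text/html
1700000060.456     80 192.168.50.10 TCP_MISS/200 2048 GET http://www.facebook.com/photo.php - HIER_DIRECT/203.0.113.10 text/html
1700000100.000     45 192.168.50.22 TCP_MISS/200 900 GET http://intranet.example/index.html - HIER_DIRECT/198.51.100.5 text/html
1700000200.789     60 192.168.50.10 TCP_HIT/200 700 GET http://news.example/today - HIER_NONE/- text/html
this line is truncated garbage
"""

# Fields: time elapsed client result/status bytes method URL ...
LINE_RE = re.compile(
    r"^(?P<ts>\d+\.\d+)\s+\d+\s+(?P<client>\S+)\s+\S+\s+"
    r"(?P<size>\d+)\s+(?P<method>\S+)\s+(?P<url>\S+)")

def summarize(log_text, monitored=MONITORED):
    """Per monitored client: hits per host, bytes, first/last request (UTC)."""
    report = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["client"] not in monitored:
            continue  # malformed line or a client we are not monitoring
        if m["method"] == "CONNECT":  # explicit-proxy HTTPS: URL field is host:port
            host = m["url"].rsplit(":", 1)[0]
        else:
            host = urlsplit(m["url"]).hostname or m["url"]
        when = datetime.fromtimestamp(float(m["ts"]), tz=timezone.utc)
        entry = report.setdefault(
            m["client"], {"hosts": Counter(), "bytes": 0, "first": when, "last": when})
        entry["hosts"][host] += 1
        entry["bytes"] += int(m["size"])
        entry["first"] = min(entry["first"], when)
        entry["last"] = max(entry["last"], when)
    return report

if __name__ == "__main__":
    for ip, e in summarize(SAMPLE_LOG).items():
        print(ip, e["first"].isoformat(), "to", e["last"].isoformat(), e["bytes"], "bytes")
        for host, hits in e["hosts"].most_common():
            print(f"  {hits:4d}  {host}")
```

With transparent interception of port 80 only, HTTPS sites never reach the proxy and so never appear in this report.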