Hi guys,
Normally I was can to access to my website cPanel and any FTP account to download work file etc..
After I use Router Broad I can’t access to some cPanel not all some servers. herein my RouterOs configuration for helping me.
[admin@MikroTik] > export
# nov/11/2015 18:05:15 by RouterOS 6.32.3
# software id = AIIA-UKT0
#
/interface bridge
add name=bridge1
/interface ethernet
set [ find default-name=ether5 ] name=Local
set [ find default-name=ether1 ] name=WAN1
set [ find default-name=ether2 ] name=WAN2
set [ find default-name=ether3 ] name=WAN3
set [ find default-name=ether4 ] name=WAN4
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n country=egypt disabled=no mode=ap-bridge ssid=ARCONS
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys wpa2-pre-shared-key=arcons96321
/ip firewall layer7-protocol
add name=streaming regexp=videoplayback|video
add name=bittorrent regexp="^(\13bittorrent protocol|azver\01\$|get/scrape\\\?info_hash=)|d1:ad2:id20:|\08'7P\\)[RP]"
/ip hotspot profile
add dns-name=www.arcons.net hotspot-address=192.168.88.1 login-by=mac mac-auth-password=1238 name=hsprof1
/ip hotspot
add disabled=no interface=bridge1 name=hotspot1 profile=hsprof1
/ip hotspot user profile
add name=1024 rate-limit=256k/1024k
add name=2048 rate-limit=512k/2048k
add name=256 rate-limit=64k/256k
add name=512 rate-limit=128k/512k
/ip pool
add name=dhcp_pool1 ranges=192.168.88.2-192.168.88.254
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=bridge1 name=dhcp1
/queue tree
add max-limit=1024k name=streaming packet-mark=streaming parent=global queue=default
/interface bridge port
add bridge=bridge1 interface=Local
add bridge=bridge1 interface=wlan1
/ip address
add address=192.168.88.1/24 comment=OUT interface=Local network=192.168.88.0
add address=192.168.2.5/24 comment=Line1 interface=WAN1 network=192.168.2.0
add address=192.168.3.5/24 comment=Line2 interface=WAN2 network=192.168.3.0
/ip dhcp-server lease
add address=192.168.88.28 always-broadcast=yes client-id=1:0:1f:d0:c3:40:31 mac-address=00:1F:D0:C3:40:31 server=dhcp1
/ip dhcp-server network
add address=192.168.88.0/24 gateway=192.168.88.1
/ip dns
set cache-size=4096KiB max-udp-packet-size=1024 servers=8.8.8.8,8.8.4.4
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
add action=add-src-to-address-list address-list="\DD\D4\CE\E4\CC\EC \CA\E6\D1\E4\CA" address-list-timeout=1h chain=forward comment=TORRENT disabled=yes \
layer7-protocol=bittorrent
add action=drop chain=forward disabled=yes dst-port=!53 protocol=udp src-address-list=Torrent
add action=drop chain=forward disabled=yes dst-port=!80,443 protocol=tcp src-address-list=Torrent
/ip firewall mangle
add chain=prerouting in-interface=WAN1
add chain=prerouting in-interface=WAN2
add action=mark-connection chain=prerouting dst-address-type=!local new-connection-mark=wan1_conn per-connection-classifier=both-addresses-and-ports:2/0 \
src-address=192.168.88.0/24
add action=mark-connection chain=prerouting dst-address-type=!local new-connection-mark=wan2_conn per-connection-classifier=both-addresses-and-ports:2/1 \
src-address=192.168.88.0/24
add action=mark-routing chain=prerouting connection-mark=wan1_conn new-routing-mark=to_wan1 src-address=192.168.88.0/24
add action=mark-routing chain=prerouting connection-mark=wan2_conn new-routing-mark=to_wan2 src-address=192.168.88.0/24
add action=mark-packet chain=prerouting comment="Mark Packet Streaming" layer7-protocol=streaming new-packet-mark=streaming passthrough=no
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat out-interface=WAN1 src-address=192.168.88.0/24
add action=masquerade chain=srcnat out-interface=WAN2 src-address=192.168.88.0/24
add action=masquerade chain=srcnat comment="masquerade hotspot network" src-address=192.168.88.0/24
add action=redirect chain=dstnat comment="block sex" dst-port=80 protocol=tcp to-ports=8080
/ip hotspot user
add name=admin
add email=pc@bepo.net name=00:1F:D0:C3:40:31 password=1238
add email=pc@samir.net name=50:E5:49:1F:2C:E8 password=1238
/ip proxy
set enabled=yes max-cache-size=none parent-proxy=0.0.0.0 src-address=0.0.0.0
/ip proxy access
add action=deny dst-host=www.circlejerkboys.com redirect-to=192.168.88.1/block.html
add action=deny dst-host=www.1212.com redirect-to=192.168.88.1/block.html
add action=deny dst-host=www.100200films.com redirect-to=192.168.88.1/block.html
add action=deny dst-host=www.sexhigh.com redirect-to=192.168.88.1/block.html
add action=deny dst-host=twistedxxxfetish.com redirect-to=192.168.88.1/block.html
add action=deny dst-host=chungo.net redirect-to=192.168.88.1/block.html
add action=deny dst-host=www.interactivexxxgames.com redirect-to=192.168.88.1/block.html
add action=deny dst-host=www.sextronix.com redirect-to=192.168.88.1/block.html
add action=deny dst-host=www.malethumbpost.com redirect-to=192.168.88.1/block.html
add action=deny dst-host=www.sextir.com redirect-to=192.168.88.1/block.html
add action=deny dst-host=www.indianbitches.net redirect-to=192.168.88.1/block.html
add action=deny dst-host=www.npgalleries.com redirect-to=192.168.88.1/block.html
/ip route
add check-gateway=ping distance=1 gateway=192.168.2.1 routing-mark=to_wan1
add check-gateway=ping distance=1 gateway=192.168.3.1 routing-mark=to_wan2
add check-gateway=ping distance=1 gateway=192.168.2.1
add check-gateway=ping distance=2 gateway=192.168.3.1
/system clock
set time-zone-name=Africa/Cairo
/system leds
set 5 interface=wlan1
/system logging
add action=disk topics=account
/system ntp client
set enabled=yes primary-ntp=41.128.225.225 secondary-ntp=8.8.8.8