i want to buid ipcop for firewall this is
adsl 1 adsl2
| Mikrotik ---------- IPCOP (192.168.12.15 (green)) port 8080 |
|
Client
where mikrotik with PPPOe connection
ip address
0 X 192.168.1.2/28 192.168.1.0 ether1-Speedy-1
1 192.168.2.2/24 192.168.2.0 ether2-Speedy-2
2 192.168.88.1/24 192.168.88.0 ether3-LAN
4 192.168.99.1/24 192.168.99.0 ether3-LAN
6 192.168.12.1/24 192.168.12.0 ether5-IPCop
8 D 110.xxx.xx.xxx/32 110.136.190.1 Speedy-1
mangle load balancing
chain=input action=mark-connection new-connection-mark=speedy1_conn
passthrough=yes connection-state=new in-interface=ether1-Speedy-1
1 chain=input action=mark-connection new-connection-mark=speedy2_conn
passthrough=yes connection-state=new in-interface=ether2-Speedy-2
2 chain=output action=mark-routing new-routing-mark=to_speedy1 passthrough=no
connection-mark=speedy1_conn
3 chain=output action=mark-routing new-routing-mark=to_speedy2 passthrough=no
connection-mark=speedy2_conn
4 chain=prerouting action=accept dst-address=1x0.xxxx.xxx.0/24
in-interface=ether3-LAN
5 chain=prerouting action=accept dst-address=1x0.xx.xxx.0/24
in-interface=ether3-LAN
6 chain=prerouting action=mark-connection new-connection-mark=speedy1_conn
passthrough=yes dst-address-type=!local in-interface=ether3-LAN
per-connection-classifier=both-addresses-and-ports:2/0
7 chain=prerouting action=mark-connection new-connection-mark=speedy2_conn
passthrough=yes dst-address-type=!local in-interface=ether3-LAN
per-connection-classifier=both-addresses-and-ports:2/1
NAT
chain=srcnat action=masquerade src-address=192.168.88.0/24
;;; proxy-redirect
chain=dstnat action=dst-nat to-addresses=192.168.12.15 to-ports=8080
protocol=tcp src-address=192.168.88.0/24 in-interface=ether3-LAN dst-port=80
but not working ...
anybody can help me for build firewall with ipcop??
thaks before