Proxy login page proplem

demonhunters1985 · May 2, 2010, 9:57am

Dear
i have Hot spot sys MT 2.9 V
and really want when user put proxy on his browser he can login even with proxy on it
thanks

normis · May 3, 2010, 8:55am

you will need some additional NAT rules that intercept not only requests for ports 80 but also common proxy ports like 8080 etc.

demonhunters1985 · May 3, 2010, 10:24am

I Thankfully for your answer ,But i don’t understand ur Answer i sent for you my script and see it

\

may/03/2010 17:57:59 by RouterOS 2.9.27

software id = 104H-NN0

/ interface ethernet
set wan name=“wan” mtu=1500 mac-address=00:15:E9:B0:D4:11 arp=enabled
disable-running-check=yes auto-negotiation=yes full-duplex=yes
cable-settings=default speed=100Mbps comment=“” disabled=no
set lan name=“lan” mtu=1500 mac-address=00:15:E9:B0:D4:70 arp=enabled
disable-running-check=yes auto-negotiation=yes full-duplex=yes
cable-settings=default speed=100Mbps comment=“” disabled=no
/ interface wireless security-profiles
set default name=“default” mode=none authentication-types=“”
unicast-ciphers=“” group-ciphers=“” wpa-pre-shared-key=“”
wpa2-pre-shared-key=“” eap-methods=passthrough tls-mode=no-certificates
tls-certificate=none static-algo-0=none static-key-0=“” static-algo-1=none
static-key-1=“” static-algo-2=none static-key-2=“” static-algo-3=none
static-key-3=“” static-transmit-key=key-0 static-sta-private-algo=none
static-sta-private-key=“” radius-mac-authentication=no group-key-update=5m
/ interface wireless align
set frame-size=300 active-mode=yes receive-all=no
audio-monitor=00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 ssid-all=no
frames-per-second=25 audio-min=-100 audio-max=-20
/ interface wireless snooper
set multiple-channels=yes channel-time=200ms receive-errors=no
/ interface wireless sniffer
set multiple-channels=no channel-time=200ms only-headers=no receive-errors=no
memory-limit=10 file-name=“” file-limit=10 streaming-enabled=no
streaming-server=0.0.0.0 streaming-max-rate=0
/ interface l2tp-server server
set enabled=no max-mtu=1460 max-mru=1460
authentication=pap,chap,mschap1,mschap2 default-profile=default-encryption
/ interface pptp-server server
set enabled=yes max-mtu=1460 max-mru=1460 authentication=mschap1,mschap2
keepalive-timeout=30 default-profile=default-encryption
/ ip pool
add name=“hs-pool-8” ranges=192.168.18.10-192.168.18.200
add name=“dhcp_pool1” ranges=192.168.18.10-192.168.18.200
/ ip telephony region
/ ip telephony gatekeeper
set gatekeeper=none remote-id=“” remote-address=0.0.0.0
/ ip telephony aaa
set use-radius-accounting=no interim-update=0s
/ ip telephony codec
move G.711-uLaw-64k/sw
move G.711-ALaw-64k/sw
move G.729A-8k/sw
move G.729-8k/sw
move G.723.1-6.3k/sw
move GSM-06.10-13.2k/sw
move LPC-10-2.5k/sw
/ ip accounting
set enabled=yes account-local-traffic=yes threshold=256
/ ip accounting web-access
set accessible-via-web=yes address=10.10.10.0/24
/ ip service
set telnet port=23 address=0.0.0.0/0 disabled=no
set ftp port=21 address=0.0.0.0/0 disabled=no
set www port=10500 address=0.0.0.0/0 disabled=no
set ssh port=22 address=0.0.0.0/0 disabled=no
set www-ssl port=443 address=0.0.0.0/0 certificate=none disabled=yes
/ ip upnp
set enabled=yes allow-disable-external-interface=no show-dummy-rule=yes
/ ip upnp interfaces
add interface=wan type=external disabled=no
add interface=lan type=internal disabled=no
/ ip arp
/ ip socks
set enabled=no port=1080 connection-idle-timeout=2m max-connections=200
/ ip dns
set primary-dns=82.137.200.83 secondary-dns=207.126.96.162
allow-remote-requests=yes cache-size=2048KiB cache-max-ttl=15m
/ ip traffic-flow
set enabled=no interfaces=all cache-entries=4k active-flow-timeout=30m
inactive-flow-timeout=15s
/ ip address
add address=10.2.1.250/24 network=10.2.1.0 broadcast=10.2.1.255 interface=wan
comment=“” disabled=no
add address=192.168.18.254/24 network=192.168.18.0 broadcast=192.168.18.255
interface=lan comment=“” disabled=no
/ ip proxy
set enabled=yes src-address=0.0.0.0 port=8080 parent-proxy=0.0.0.0:0
cache-drive=system cache-administrator=“webmaster”
max-disk-cache-size=69181000KiB max-ram-cache-size=331000KiB
cache-only-on-disk=yes maximal-client-connections=1000
maximal-server-connections=1000 max-object-size=160000KiB
max-fresh-time=3d
/ ip proxy access
add dst-port=23-25 action=deny comment=“block telnet & spam e-mail relaying”
disabled=no
/ ip proxy cache
add dst-host=“:cgi-bin \?” action=deny comment=“” disabled=no
/ ip neighbor discovery
set wan discover=yes
set lan discover=yes
/ ip route
add dst-address=0.0.0.0/0 gateway=10.2.1.1 scope=255 target-scope=10
comment=“” disabled=no
/ ip firewall nat
add chain=srcnat src-address=192.168.18.0/24 action=masquerade
comment=“masquerade hotspot network” disabled=no
add chain=srcnat out-interface=wan action=masquerade comment=“” disabled=no
add chain=dstnat protocol=tcp dst-port=80 action=redirect to-ports=8080
comment=“” disabled=no
/ ip firewall connection tracking
set enabled=yes tcp-syn-sent-timeout=5s tcp-syn-received-timeout=5s
tcp-established-timeout=1d tcp-fin-wait-timeout=10s
tcp-close-wait-timeout=10s tcp-last-ack-timeout=10s
tcp-time-wait-timeout=10s tcp-close-timeout=10s udp-timeout=10s
udp-stream-timeout=3m icmp-timeout=10s generic-timeout=10m
tcp-syncookie=no
/ ip firewall filter
add chain=forward p2p=all-p2p action=drop comment=“” disabled=no
/ ip firewall service-port
set ftp ports=21 disabled=no
set tftp ports=69 disabled=no
set irc ports=6667 disabled=no
set h323 disabled=yes
set quake3 disabled=no
set gre disabled=yes
set pptp disabled=yes
/ ip hotspot
add name=“hotspot1” interface=lan address-pool=hs-pool-8 profile=default
idle-timeout=5m keepalive-timeout=none addresses-per-mac=1 disabled=no
/ ip hotspot service-port
set ftp ports=21 disabled=no
/ ip hotspot profile
set default name=“default” hotspot-address=192.168.18.254 dns-name=“”
html-directory=hotspot rate-limit=“” http-proxy=0.0.0.0:0
smtp-server=0.0.0.0 login-by=http-chap split-user-domain=no use-radius=no
add name=“hsprof1” hotspot-address=192.168.18.254 dns-name=“”
html-directory=hotspot rate-limit=“” http-proxy=0.0.0.0:0
smtp-server=0.0.0.0 login-by=http-chap split-user-domain=no use-radius=no
/ ip hotspot user
add name=“nokia” password=“gemini” profile=gemini comment=“” disabled=no
add name=“admin” password=“demon” profile=default comment=“” disabled=no
/ ip hotspot user profile
set default name=“default” address-pool=hs-pool-8 idle-timeout=none
keepalive-timeout=2m status-autorefresh=1m shared-users=50
transparent-proxy=yes open-status-page=http-login advertise=no
add name=“gemini” address-pool=hs-pool-8 idle-timeout=5m keepalive-timeout=2m
status-autorefresh=1m shared-users=40 transparent-proxy=no
/ ip hotspot walled-garden
add dst-host=.adinspot. action=allow comment=“” disabled=no
add dst-host=.itg-ar. action=allow comment=“” disabled=no
add dst-host=.volkswagen-syria. action=allow comment=“” disabled=no
/ ip dhcp-server
add name=“dhcp1” interface=lan lease-time=3d address-pool=dhcp_pool1
bootp-support=static authoritative=after-2sec-delay disabled=no
/ ip dhcp-server config
set store-leases-disk=5m
/ ip dhcp-server lease
/ ip dhcp-server network
add address=192.168.18.0/24 gateway=192.168.18.254 comment=“hotspot network”
/ ip ipsec proposal
add name=“default” auth-algorithms=sha1 enc-algorithms=3des lifetime=30m
lifebytes=0 pfs-group=modp1024 disabled=no
/ system logging
add topics=info prefix=“” action=memory disabled=no
add topics=error prefix=“” action=memory disabled=no
add topics=warning prefix=“” action=memory disabled=no
add topics=critical prefix=“” action=echo disabled=no
add topics=hotspot prefix=“” action=disk disabled=no
add topics=hotspot,account prefix=“” action=disk disabled=no
add topics=state,system,error,info,warning,watchdog prefix=“” action=disk
disabled=no
/ system logging action
set memory name=“memory” target=memory memory-lines=100 memory-stop-on-full=no
set disk name=“disk” target=disk disk-lines=100 disk-stop-on-full=no
set echo name=“echo” target=echo remember=yes
set remote name=“remote” target=remote remote=0.0.0.0:514
/ system upgrade mirror
set enabled=no primary-server=0.0.0.0 secondary-server=0.0.0.0
check-interval=1d user=“”
/ system clock dst
set dst-delta=+00:00 dst-start=“jan/01/1970 00:00:00” dst-end=“jan/01/1970
00:00:00”
/ system watchdog
set reboot-on-failure=yes watch-address=none watchdog-timer=yes
no-ping-delay=5m automatic-supout=yes auto-send-supout=no
/ system console
add port=serial0 term=“” disabled=no
set FIXME term=“linux” disabled=no
set FIXME term=“linux” disabled=no
set FIXME term=“linux” disabled=no
set FIXME term=“linux” disabled=no
set FIXME term=“linux” disabled=no
set FIXME term=“linux” disabled=no
set FIXME term=“linux” disabled=no
set FIXME term=“linux” disabled=no
/ system console screen
set line-count=25
/ system identity
set name=“DownTown”
/ system note
set show-at-login=yes note=“”
/ system gps
set enabled=no set-system-time=yes
/ system lcd
set enabled=no type=24x4 port=parallel contrast=0
/ system lcd page
set time display-time=5s disabled=yes
set resources display-time=5s disabled=yes
set uptime display-time=5s disabled=yes
set packets display-time=5s disabled=yes
set bits display-time=5s disabled=yes
set version display-time=5s disabled=yes
set wan display-time=5s disabled=yes
set lan display-time=5s disabled=yes
/ system ntp server
set enabled=no broadcast=no multicast=no manycast=yes
/ system ntp client
set enabled=no mode=unicast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/ system routerboard bios
set
/ system health
set state-after-reboot=enabled
/ port
set serial0 name=“serial0” baud-rate=9600 data-bits=8 parity=none stop-bits=1
flow-control=hardware
set serial1 name=“serial1” baud-rate=9600 data-bits=8 parity=none stop-bits=1
flow-control=hardware
/ ppp profile
set default name=“default” use-compression=default use-vj-compression=default
use-encryption=default only-one=default change-tcp-mss=yes comment=“”
add name=“profile1” local-address=192.168.11.2 remote-address=hs-pool-8
use-compression=default use-vj-compression=default use-encryption=default
only-one=default change-tcp-mss=default comment=“”
set default-encryption name=“default-encryption” use-compression=default
use-vj-compression=default use-encryption=yes only-one=default
change-tcp-mss=yes comment=“”
/ ppp secret
add name=“hakam” service=any caller-id=“” password=“hakam” profile=profile1
routes=“” limit-bytes-in=0 limit-bytes-out=0 comment=“” disabled=no
add name=“ppp1” service=pptp caller-id=“” password=“” profile=profile1
routes=“” limit-bytes-in=0 limit-bytes-out=0 comment=“” disabled=no
/ ppp aaa
set use-radius=no accounting=yes interim-update=0s
/ queue type
set default name=“default” kind=pfifo pfifo-limit=50
set ethernet-default name=“ethernet-default” kind=pfifo pfifo-limit=50
set wireless-default name=“wireless-default” kind=sfq sfq-perturb=5
sfq-allot=1514
set synchronous-default name=“synchronous-default” kind=red red-limit=60
red-min-threshold=10 red-max-threshold=50 red-burst=20 red-avg-packet=1000
set hotspot-default name=“hotspot-default” kind=sfq sfq-perturb=5
sfq-allot=1514
add name=“pcq-download” kind=pcq pcq-rate=0 pcq-limit=50
pcq-classifier=dst-address pcq-total-limit=2000
add name=“pcq-upload” kind=pcq pcq-rate=0 pcq-limit=50
pcq-classifier=src-address pcq-total-limit=2000
add name=“default-small” kind=pfifo pfifo-limit=10
/ queue simple
/ queue tree
add name=“queue1” parent=wan packet-mark=users limit-at=0 queue=pcq-download
priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
disabled=yes
add name=“queue2” packet-mark=users limit-at=0 queue=pcq-upload priority=8
max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s disabled=yes
/ user
add name=“admin” group=full address=0.0.0.0/0 comment=“system default user”
disabled=no
/ user group
add name=“read” policy=local,telnet,ssh,reboot,read,test,winbox,password,web,!f
tp,!write,!policy
add name=“write” policy=local,telnet,ssh,reboot,read,write,test,winbox,password
,web,!ftp,!policy
add name=“full” policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbo
x,password,web
/ user aaa
set use-radius=yes accounting=yes interim-update=0s default-group=read
/ radius
add service=ppp,login,hotspot,wireless,telephony,dhcp called-id=“” domain=“”
address=127.0.0.1 secret=“” authentication-port=1812 accounting-port=1813
timeout=300ms accounting-backup=yes realm=“” comment=“” disabled=no
/ radius incoming
set accept=yes port=1700
/ driver
/ snmp
set enabled=no contact=“” location=“”
/ snmp community
set public name=“public” address=0.0.0.0/0 read-access=yes
/ tool bandwidth-server
set enabled=yes authenticate=yes allocate-udp-ports-from=2000 max-sessions=10
/ tool mac-server ping
set enabled=yes
/ tool e-mail
set server=0.0.0.0 from=“<>”
/ tool sniffer
set interface=all only-headers=no memory-limit=10 file-name=“” file-limit=10
streaming-enabled=no streaming-server=0.0.0.0 filter-stream=yes
filter-protocol=ip-only filter-address1=0.0.0.0/0:0-65535
filter-address2=0.0.0.0/0:0-65535
/ tool graphing
set store-every=5min
/ tool graphing queue
add simple-queue=all allow-address=0.0.0.0/0 store-on-disk=yes
allow-target=yes disabled=no
/ tool graphing interface
add interface=all allow-address=0.0.0.0/0 store-on-disk=yes disabled=no
add interface=all allow-address=0.0.0.0/0 store-on-disk=yes disabled=no
/ routing ospf
set router-id=0.0.0.0 distribute-default=never redistribute-connected=no
redistribute-static=no redistribute-rip=no redistribute-bgp=no
metric-default=1 metric-connected=20 metric-static=20 metric-rip=20
metric-bgp=20
/ routing ospf area
set backbone area-id=0.0.0.0 type=default translator-role=translate-candidate
authentication=none prefix-list-import=“” prefix-list-export=“”
disabled=no
/ routing bgp
set enabled=no as=1 router-id=0.0.0.0 redistribute-static=no
redistribute-connected=no redistribute-rip=no redistribute-ospf=no
/ routing rip
set redistribute-static=no redistribute-connected=no redistribute-ospf=no
redistribute-bgp=no metric-static=1 metric-connected=1 metric-ospf=1
metric-bgp=1 update-timer=30s timeout-timer=3m garbage-timer=2m

with thankfully waiting your answer …
if u want take info about company i work this our site
www.adinspot.com

Chupaka · May 3, 2010, 4:05pm

please upgrade you RouterOS. web-proxy was completely rewritten in later versions

demonhunters1985 · May 6, 2010, 4:13pm

Hay.
i sent u once more
i just want write rule in NAT that make me allows any web-proxy on client PC to access to my hot spot page

Ex:-
the client sit on my location and open his browser to get my hot spot page if hi/she but in any way any proxy the brows give him error " Page can’t found"
just he remove proxy and then ask any thing will redirection to my hot spot page
that scenario

At now Co can’t change or upgrade to new Ver cuz that i need do it
i try to many nat rule i can do once but like my MT router will make this proxy in block list
and we living in sy need to use to many proxy and difrenct cuz as u know our ISP’s block site lis facebook etc
thank you

normis · May 7, 2010, 6:55am

sorry we can’t help you unless you upgrade to a licensed version