Hi everyone, this forum is fantastic and very useful.
I am an italian boy so excuse me for my english…
this is my network architecture
Internet>>>>>RB1000>>>>>Client
|
|
(Proxy-Server Squid+Dansguardian)
I’m using ROS 3.22 on RB1000 I created a server-proxy with squid + DansGuardian for content filtering of RB1000 users and to track their Internet traffic to logs of DansGuardian. The content filtering works wellMy problem is that when setting the parent-proxy on RB1000, in DansGuardian log of proxy-server I can see only the IP address of the RB1000 “gateway” but not the IPs of users so i can’t trace the internet traffic of single user…but i see all RB1000 traffic…How i can solve this problem? Or suggest me howto track internet traffic of my users
Thanks you
You could do this a couple of ways
a) dst-nat port 80 traffic directly to your dans-guardian/squid machine (using it as a transparent proxy without needing to use the mikrotik proxy)
or
b) use the mikrotik ‘proxylizer’ to do the user monitoring for you instead. (do a quick search of the forums for it, I don’t have the link handy and bed is calling to me 
)
I also know regular squid servers can pass the originating IP along, mikrotik doesn’t have options to disable or enable anything like this so if anything it’d be passed by default.
wow Proxylizer is fantastic do just what I need …
today I have installed on debian lenny box, Proxylizer after configuration http://wiki.mikrotik.com/wiki/Proxylizer/Getting_Started%20#%20Install the syslog-ng server does not receive anything and thus proxylizer not working why?
have you confirmed
a) that the mikrotik has the remote logging rules setup
b) that the mikrotik can ping/access the server you’re running proxylizer on
c) that the proxylizer server doesn’t have any sort of firewall/iptables rules blocking access to it?
You could try sending the mikrotik logs to a dude server as well, as these also act as a syslog server.
ok finally I managed to install and make operational proxylizer. But when I make a report only ip that i can see is 127.255.255.255
why? may depend on some set-up to RB1000?
my architecture is
tanks to all you are fantastic