Web-Proxy + Squid proxy

RouterOS General
1

Hello
I made winproxy + squid its working and its all ok, my problem is how i can do to see in squid log files my computers (192..168.1.xxx) i see just the 192.168.1.1 addresses in my log files .
192.168.1.0/24 is my network and squid is 192.168.1.2

chain=srcnat out-interface=public src-address=192.168.1.0/24 action=masquerade

Or anyhow i can make somehow to log the web traffic in any log file what i can use with sarg or any log analyzer ofocurse i need to see the pc-s apart in log file.
I tryed proxzliyer too but i saw just the router ip address too there.

Thank you for your time .

2

Don’t NAT traffic between the router and the proxy.

Most likely you want to add an “out-interface=WAN” qualifier for the masquerade statement in “/ip firewall nat” but this would be easier if you posted your configuration.

3

hello thx for your reply

here is my config

#   ADDRESS            NETWORK         BROADCAST       INTERFACE
 0   net 1
     xxx.xxx.13.54/30    xxx.xxx.13.52    xxx.xxx.13.55    ether1
 1   ;;; retea
     192.168.1.1/24     192.168.1.0     192.168.1.255   bridge1

here is my route table

[admin@MikroTik] > ip route print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
 #      DST-ADDRESS        PREF-SRC        GATEWAY-STATE GATEWAY                DISTANCE INTERFACE
 0 A S  0.0.0.0/0                          reachable     xxx.xxx.13.53           1        ether1
 1   S  0.0.0.0/0                          reachable     192.168.2.1            2        ether2
 2 ADC  xxx.xxx.13.52/30   xxx.xxx.13.54                                         0        ether1
 3 ADC  192.168.1.0/24     192.168.1.1                                          0        bridge1

the nat

p firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
 0   chain=dstnat action=dst-nat to-addresses=192.168.1.17 to-ports=5900 protocol=tcp
     dst-address=xxx.xxx.13.54 dst-port=5900

 1   chain=dstnat action=dst-nat to-addresses=192.168.1.16 to-ports=5901 protocol=tcp
     dst-address=xxx.xxx.13.54 dst-port=5901

 3   chain=dstnat action=redirect to-ports=8080 protocol=tcp src-address=192.168.1.105 dst-port=80

 4   chain=dstnat action=dst-nat to-addresses=192.168.1.105 to-ports=22 protocol=tcp
     dst-address=xxx.xxx.13.54 dst-port=22

 5   chain=srcnat action=masquerade src-address=192.168.1.0/24

 6 X ;;;redirectar to squid 
     chain=dstnat action=dst-nat to-addresses=192.168.1.105 to-ports=3128 protocol=tcp
     src-address=192.168.1.0/24 dst-port=80

 7 X chain=dstnat action=redirect to-ports=8080 protocol=tcp src-address=192.168.1.105 dst-port=80

ip proxy

 ip proxy print
                 enabled: no
             src-address: 0.0.0.0
                    port: 8080
            parent-proxy: 192.168.1.105
       parent-proxy-port: 3128
     cache-administrator: ""
          max-cache-size: none
           cache-on-disk: yes
  max-client-connections: 600
  max-server-connections: 600
          max-fresh-time: 3d
   serialize-connections: yes
       always-from-cache: no
          cache-hit-dscp: 4

Ok now the redirects are stoped atm, the squid server is 192.168.1.105 if i enable the redirects i see in squid accesslogs
192.168.1.1 but i need to see the all hosts in my log files .
ex: i see now
1277465672.575 5 192.168.1.1 TCP_MISS/401 1110 GET http://www.xxxxxx.com/ - DIRECT/121.15.220.135 text/html

but i want something like this to have in logfile
1277465672.575 5 192.168.1.217 TCP_MISS/401 1110 GET http://www.xxxxxx.com/ - DIRECT/121.15.220.135 text/html
192.168.1.217 its one of the pc are conected

i need any solution to make this work i need to make somehow to see the conected pc-s web traffic
daily monthly top sites when where … etc :slight_smile: like in sarg or any loganalizer.

Thank you for reading

edit: i also tryed with proxylizer and i also get in the log files :
Jun 18 22:52:01 192.168.1.1 web-proxy,account: 78.155.72.142 GET http://t1.gstatic.com/images?q=tbn:SEHFWkyVsilypM:http://www.xxxxxx.com/star-academy/images/nassif-improving.jpg action=allow cache=MISS

4

Change

chain=srcnat action=masquerade src-address=192.168.1.0/24

to

chain=srcnat action=masquerade src-address=192.168.1.0/24 out-interface=ether1
5

Thank you for your reply i tried your suggestion but its same the logs always shows 192.168.1.1

6

you do redirection to RouterOS WebProxy. maybe, that’s why you see ROS IP?..

just DST-NAT directly to your proxy machine

7

i tryed to dst-nat direct to squid but in that case squid wont let me out
i will try today to put squid to separate ethernet (ether3)

8

if your squid has access to the Internet via that router, check that you don’t redirect squid requests back to squid

9

ip put in separete ether the linux server and its ok now .

thx for helps