Community discussions

MUM Europe 2020
 
andriputra
just joined
Topic Author
Posts: 2
Joined: Sat Jan 22, 2011 3:04 am

ACL Squid from DHCP Mikrotik

Wed Oct 03, 2012 7:08 am

Hi All,

Is there any possibilities on squid to set acl from RouterOS..

this is my current network configuration :

1. Proxy with squid
>> ip address proxy : 192.168.8.3/29

2. MikroTik router
>> ip eth1 : 192.168.8.2/29
>> ip eth2 : 192.168.1.251/24

mikrotik gateway : 0.0.0.0/0 gw 192.168.8.3

in the squid.conf :

acl me src 192.168.8.2/255.255.255.255
http_access allow me

this configuration is working perfectly..

the question is how to set acl from 192.168.1.0/24 ?

I need to set acl from client who get ip from dhcp mikrotik 192.168.1.0/24.

ex : acl client1 src 192.168.1.10-192.168.1.20/255.255.255.255
acl client2 src 192.168.1.65-192.168.1.77/255.255.255.255

Thanks in advance..
 
deejayq
Member Candidate
Member Candidate
Posts: 195
Joined: Wed Feb 23, 2011 8:33 am

Re: ACL Squid from DHCP Mikrotik

Wed Oct 03, 2012 10:19 am

i don't think you can
what you can do is use web proxy feature of routeros.
set the parent proxy and parent proxy port of web proxy to 192.168.8.3 (and the port squid is listening to)
create on routeros an address-list with the ip's of the computers you want to connect via proxy.
use this how to to set routeros web proxy as a transparent proxy http://wiki.mikrotik.com/wiki/How_to_ma ... _web_proxy
add a rule in filter to allow requests to the port the web proxy is listening to from the address-list
block all other requests
 
Feklar
Forum Guru
Forum Guru
Posts: 1726
Joined: Tue Dec 01, 2009 11:46 pm

Re: ACL Squid from DHCP Mikrotik

Wed Oct 03, 2012 5:26 pm

Why not just accept everything from the 192.168.1.0/24 subnet? That would be a lot easier than trying to script in functionality that doesn't really do anything but give it more places to break.

Who is online

Users browsing this forum: No registered users and 66 guests