Community discussions

MUM Europe 2020
 
User avatar
savagedavid
Trainer
Trainer
Topic Author
Posts: 310
Joined: Thu Aug 25, 2005 12:58 pm
Location: Cape Town, South Africa
Contact:

Mangle Transparent Proxy traffic

Wed Aug 23, 2006 7:55 pm

I am trying to create a mangle to catch all port 80 traffic coming from the transparent proxy running on my main mikrotik router. Since the proxy uses the same outgoing IP as all other traffic leaving the router I dont know how to catch specifically proxy traffic. The reason behind this is I want to load balance only port 80 traffic coming from the proxy server.
 
User avatar
samsoft08
Long time Member
Long time Member
Posts: 617
Joined: Sat Nov 26, 2005 10:52 pm

Wed Aug 23, 2006 10:34 pm

this question will stay the immortal question without answer ..
some useres says you cant mangle proxy traffic other says yes you can , we want the answer and how to .. from one of the MT team , i dont know why do they keep sielent when this question been asked , if no let me know and stop trying , if yes tell us how .
 
User avatar
savagedavid
Trainer
Trainer
Topic Author
Posts: 310
Joined: Thu Aug 25, 2005 12:58 pm
Location: Cape Town, South Africa
Contact:

Sat Sep 02, 2006 10:20 am

I have figured it out. You need to mangle traffic leaving the output chain on port 80. This will catch the transparent proxy traffic.
 
User avatar
samsoft08
Long time Member
Long time Member
Posts: 617
Joined: Sat Nov 26, 2005 10:52 pm

Sun Sep 03, 2006 12:46 am

ok , but what about other packets going out through port 80 which didnt come from proxy ?
 
User avatar
savagedavid
Trainer
Trainer
Topic Author
Posts: 310
Joined: Thu Aug 25, 2005 12:58 pm
Location: Cape Town, South Africa
Contact:

Sun Sep 03, 2006 11:26 am

The output chain only catches traffic FROM the router itself, not packets that the router is routing on behalf of other systems (that comes out the forward chain). The output chain is NOT all traffic leaving the router. Therefore it all works as planned.
 
User avatar
eugenevdm
Member Candidate
Member Candidate
Posts: 208
Joined: Tue Jun 01, 2004 12:23 pm
Location: Stellenbosch, South Africa
Contact:

Thu Sep 07, 2006 7:25 pm

hi savagedavid I still have a problem with this configuration:

1. If you mangle on the output chain it does not work if I specify my default gateway IP address. It does work when I specify only port 80 so I suppose that is fine.

2. If I ECMP my proxy traffic according to the mangle rule my downloads break :-(

So I still can't use ECMP with transparent proxy.
The Snowball Effect
Superior Internet Solutions

Who is online

Users browsing this forum: AzizHalal, digitexwireless, kivimart, MSN [Bot], tdw and 155 guests