Community discussions

 
safiullahtariq
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 81
Joined: Sun Apr 06, 2014 9:21 pm
Location: Lahore Pakistan

Web Proxy NOT Working

Sat May 23, 2015 4:56 pm

Hello All,

I need some help.
I have made web proxy and it seemed to work for a while but stopped working all together. I want to block all internet of all PCs except some website and some PCs (MAC addresses) will have open internet with no restriction.

Issue is, the specific websites that I need to open such as gmail etc, not open.

This is my complete code, please help
# may/22/2015 03:17:22 by RouterOS 6.24
# software id = MIFM-J9E5
/ip pool
add name=dhcp_pool1 ranges=192.168.0.100-192.168.0.250

/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=ether1 lease-time=8h name=\

/ip address
add address=192.168.0.1/24 comment="default configuration" interface=ether1 \
    network=192.168.0.0
add address=192.168.1.2/24 disabled=yes interface=ether11 network=192.168.1.0
/ip dhcp-client
add default-route-distance=0 dhcp-options=hostname,clientid disabled=no \
    interface=ether11

/ip dhcp-server network
add address=192.168.0.0/24 dns-server=8.8.8.8,192.168.1.1 gateway=192.168.0.1

/ip dns
set allow-remote-requests=yes servers=8.8.8.8

/ip firewall filter
add action=drop chain=input dst-port=8080 in-interface=ether11 protocol=tcp

/ip firewall nat
add action=masquerade chain=srcnat

add chain=dstnat comment="Admin PC" src-mac-address=00:21:9B:59:1C:EE

add action=jump chain=dstnat dst-port=80 in-interface=ether11 jump-target=\
    http_proxy_check protocol=tcp
add action=return chain=http_proxy_check src-mac-address=5C:26:0A:82:0D:AC
add action=redirect chain=dstnat dst-port=80 protocol=tcp to-ports=8080
add action=redirect chain=dstnat protocol=tcp to-ports=8080
add action=redirect chain=dstnat protocol=udp to-ports=8080

/ip proxy
set max-cache-size=4096KiB parent-proxy=0.0.0.0

/ip proxy access
add action=allow dst-host=:gmail
add action=allow dst-host=:google
add action=allow dst-host=:fbr.gov.pk
add action=allow dst-host=:mail
add action=allow dst-host=:lesco
add action=allow dst-host=:tcscouriers
add action=allow dst-host=:sngpl.com.pk
add action=allow dst-host=:fbr
add action=allow dst-host=:wapda
add action=deny dst-port=80
/ip route
add distance=1 gateway=ether11
add disabled=yes distance=1 gateway=192.168.1.1

/ip upnp
set enabled=yes



Again, the issue is, either it blocks everything completely, or open completely for the specific MAC address I give it. I want only few sites to be opened but it doesnt.

IM STUCK :( :( :(

Please help
Regards,

Safiullah
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 2946
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: Web Proxy NOT Working

Sun May 24, 2015 7:29 pm

last two nat rule redirect all traffic, also the DNS traffic to proxy
the proxy is only http proxy, not work on this way,
and also you can not filter any httpS traffic like google, facebook, gmail, etc.
I'm Italian, not English. Sorry for my imperfect grammar.

Who is online

Users browsing this forum: No registered users and 132 guests