Community discussions

 
Sermeric
just joined
Topic Author
Posts: 4
Joined: Wed Aug 13, 2014 2:18 pm

Redirect all traffic from a spesific ip number to a web page

Wed Aug 13, 2014 2:27 pm

Hi,

This is my first message here,

I am using RouterBoard hardware and RouterOS 6.11 and what i want to do is, To create a rule to redirect all outgoing traffic from a spesific ip number to a web page.

The user should go to this spesific web page even s/he type google.com :D

actually, we're a hotel and we want to put an IPAD device on our recepiton to let people make reservation from our web site in front of the desk but on the other hand, we dont want this ipad to be a public facebook machine so there will be no webpage that this device can access except this spesific webpage.

Can you guys help me?

my ip block is 10.0.10/23
device ip number 10.0.11.187 (ipad)
my gateway : 10.0.10.253 (mikrotik router)
RouterOS : v6.11
 
User avatar
Caci99
Forum Guru
Forum Guru
Posts: 1026
Joined: Wed Feb 21, 2007 2:26 pm
Location: Tirane
Contact:

Re: Redirect all traffic from a spesific ip number to a web

Wed Aug 13, 2014 3:05 pm

Do you know the ip of your webserver? Is this server hosting only one webserver?
The simple way to do it is:
/ip firewall nat
add chain=dstnat src-address=10.0.11.187 protocol=tcp action=dst-nat to-addresses=webserver_ip to-ports=80
-Toni-
Don't crash the ambulance, whatever you do
 
Sermeric
just joined
Topic Author
Posts: 4
Joined: Wed Aug 13, 2014 2:18 pm

Re: Redirect all traffic from a spesific ip number to a web

Wed Aug 13, 2014 4:05 pm

Do you know the ip of your webserver? Is this server hosting only one webserver?
The simple way to do it is:
/ip firewall nat
add chain=dstnat src-address=10.0.11.187 protocol=tcp action=dst-nat to-addresses=webserver_ip to-ports=80
Thank you for your reply,

Yes, i know the webserver ip number and this server serves only one web page. I applied the command but still can display the other pages. Should i do something additional?
 
User avatar
Caci99
Forum Guru
Forum Guru
Posts: 1026
Joined: Wed Feb 21, 2007 2:26 pm
Location: Tirane
Contact:

Re: Redirect all traffic from a spesific ip number to a web

Wed Aug 13, 2014 4:33 pm

I just tested it and works fine. I am on ROS 6.18. Is the server within your network? What other rules do you have in /firewall nat and /firewall mangle?
-Toni-
Don't crash the ambulance, whatever you do
 
Sermeric
just joined
Topic Author
Posts: 4
Joined: Wed Aug 13, 2014 2:18 pm

Re: Redirect all traffic from a spesific ip number to a web

Wed Aug 13, 2014 5:23 pm

I just tested it and works fine. I am on ROS 6.18. Is the server within your network? What other rules do you have in /firewall nat and /firewall mangle?
No, the web page is not within my network. Its just an external web page. These are my print command results
/ip firewall nat> /ip firewall nat print 
Flags: X - disabled, I - invalid, D - dynamic 
 0 X ;;; place hotspot rules here
     chain=unused-hs-chain action=passthrough to-addresses=0.0.0.0 

 1   chain=srcnat action=masquerade 

 2   ;;; masquerade hotspot network
     chain=srcnat action=masquerade src-address=10.0.10.0/23 

 3   ;;; masquerade hotspot network
     chain=srcnat action=masquerade src-address=10.0.10.0/23 

 4   ;;; masquerade hotspot network
     chain=srcnat action=masquerade src-address=10.0.10.0/23 

 5   ;;; masquerade hotspot network
     chain=srcnat action=masquerade to-addresses=0.0.0.0 src-address=10.0.10.0/23 

6   chain=dstnat action=dst-nat to-addresses=X.X.X.X to-ports=80 protocol=tcp src-address=10.0.11.187 

/ip firewall mangle print 
Flags: X - disabled, I - invalid, D - dynamic 
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 2932
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: Redirect all traffic from a spesific ip number to a web

Wed Aug 13, 2014 7:13 pm

remove all the rules, except the numbers 0, 1 and 2
/ip firewall nat
print
remove 3,4,5,6
add chain=dstnat action=dst-nat protocol=tcp src-address=10.0.11.187 dst-port=80 to-addresses=<WEBSERVER-IP-ADDRESS> to-ports=80
add chain=dstnat action=dst-nat protocol=tcp src-address=10.0.11.187 dst-port=443 to-addresses=<WEBSERVER-IP-ADDRESS> to-ports=443
I'm Italian, not English. Sorry for my imperfect grammar.
 
Sermeric
just joined
Topic Author
Posts: 4
Joined: Wed Aug 13, 2014 2:18 pm

Re: Redirect all traffic from a spesific ip number to a web

Thu Aug 14, 2014 4:17 pm

Yes, now it's working, Thank you!

But there's something else now, Another issue is the web page we're going to access by ip number does not accept requests from ip. (i think they are using a cloud security service) And i get error saying
Invalid URL
The requested URL "/", is invalid.

Reference #9.20ab645f.1408022211.15f5362b
Is there a way to use domain name on destination address?
 
User avatar
Caci99
Forum Guru
Forum Guru
Posts: 1026
Joined: Wed Feb 21, 2007 2:26 pm
Location: Tirane
Contact:

Re: Redirect all traffic from a spesific ip number to a web

Thu Aug 14, 2014 10:23 pm

The only way to redirect to url, as far as I know, is by using webproxy. To do that first you need to enable it:
/ip proxy set enable=yes
The default port should be 8080 but you can change it if you need to. Of course you don't need any cache, the purpose of proxy in this case is only for redirecting url-s and not cache them.
Now you need to redirect the user to the proxy. But because you will be redirecting requests of user to the proxy, in order to not get yourself in a loop of re directions, you should also add a rule which would accept the requests of the user to your webserver, and here you can use IP:
/ip firewall nat
add chain=dstnat action=accept protocol=tcp src-address=10.0.11.187 dst-address=webserver_IP dst-port=80
add chain=dstnat action=redirect to-ports=8080 protocol=tcp src-address=10.0.11.187 dst-port=80
Now on the access list of webproxy add the rule which would redirect url requests to your webserver url
/ip proxy access
add action=deny redirect-to=your_url
-Toni-
Don't crash the ambulance, whatever you do

Who is online

Users browsing this forum: nitrohydride, PhoeKhwar, rualark, salahspirit, sebastia and 43 guests