Membuat transparant PROXY di mikrotik

pertama saya asumsikan ip server 10.10.10.1 di ether11 buat mangle dulu /ip firewall mangle add chain=prerouting dscp=12 action=mark packet new-packet-mark=ProxyHit buat nat transparent utk proxynya /ip firewall nat add chain=dstnat protocol=udp dst-port=53 in-interface=ether11-serverku action=dst-nat to-ports=53 comment=TRANSPARENT-DNS-UDP-PROXY ke arah lokalnya /ip firewall nat add chain=dstnat src-address=!10.10.10.1 protocol=tcp dst-port=80 in-interface=ether3 action=dst-nat to-addresses=10.10.10.1 to-ports=3128 comment="PROXY-LOKAL" add chain=dstnat protocol=udp dst-port=53 in-interface=ether3 action=dst-nat to-ports=53 comment=TRANSPARENT-UDP-LOKAL add chain=dstnat protocol=tcp dst-port=53 in-interface=ether3 action=dst-nat to-ports=53 comment=TRANSPARENT-TCP-LOKAL utk queu nya /queue type add name="PROXY DOWN" kind=pcq /queue tree add name="2.PROXY HIT LOCAL" parent=ether3 packet-mark=ProxyHit queue="PROXY DOWN" priority=1 max-limit=100M buat otomatis jika proxy mati masih bisa internetan buka di tool netwatch tambah kan isi host 10.10.10.1 interval=00.00.05 timeout=1000 isi up= /ip firewall nat enable [find comment=TRANSPARENT-UDP-LOKAL] /ip firewall nat enable [find comment=TRANSPARENT-TCP-LOKAL] /ip firewall filter enable [find comment=proxy] /ip firewall nat enable [find comment=PROXY-LOKAL] isi down /ip firewall nat disable [find comment=TRANSPARENT-UDP-LOKAL] /ip firewall nat disable [find comment=TRANSPARENT-TCP-LOKAL] /ip firewall filter disable [find comment=proxy] /ip firewall nat disable [find comment=PROXY-LOKAL]

0 Response to "Membuat transparant PROXY di mikrotik"

Post a Comment

Ilmu ibarat sempax, kita harus menggunakannya, tapi tak perlu memamerkannya