caros amigos achei bastante conteúdo aqui no forum sobre web proxy e cache full, porem cansei de tentar colocar as regras e adapta-las e nao funciona, meu conhecimento em Mk eh pequeno porem faço tudo certinho e nao funciona, o fato de eu usar HOTSPOT e uma versão 3.30, piora a cituação, se nao fosse por isso creio q ja estava funcionando a muito tempo, bom copiei algumas regras minhas e gostaria que alguem pudesse analizar e ver se descobre oq esta errado q nao funciona, segue as regras:
#
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d \
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=drop chain=input comment="BARRA BRUTAL FOR\C7A" disabled=no \
dst-port=22 protocol=tcp src-address-list=!black_list
add action=drop chain=input comment="BLOQUEIO DO PROXY EXTERNO" disabled=no \
dst-port=8080 protocol=tcp
add action=accept chain=input comment="CHACHE FULL - ACEITAR CONEXOES PROXY" \
disabled=no dscp=0 dst-port=8080 in-interface=CLIENTES protocol=tcp \
src-address=192.168.2.0/24
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
/ip firewall mangle
add action=accept chain=output comment="qcept proxy" disabled=no dscp=4
add action=mark-connection chain=output comment=Cache-squid content=\
"X-Cache: HIT" disabled=no new-connection-mark=squid-connection-HIT \
passthrough=yes protocol=tcp src-port=3128
add action=mark-packet chain=output comment="" connection-mark=\
squid-connection-HIT disabled=no new-packet-mark=squid-packet-HIT \
passthrough=no
add action=add-dst-to-address-list address-list=youtube address-list-timeout=\
4w2d chain=prerouting comment=Youtube content=youtube.com disabled=no \
dst-port=80 in-interface=CLIENTES protocol=tcp
add action=add-dst-to-address-list address-list=4shared address-list-timeout=\
4w2d chain=prerouting comment=4Shared content=4shared.com disabled=no \
dst-port=80 in-interface=CLIENTES protocol=tcp
add action=add-dst-to-address-list address-list=megaupload \
address-list-timeout=4w2d chain=prerouting comment=Mega content=\
megaupload.com disabled=no dst-port=80 in-interface=CLIENTES protocol=tcp
add action=add-dst-to-address-list address-list=rapidshare \
address-list-timeout=4w2d chain=prerouting comment=Rapid content=\
rapidshare.com disabled=no dst-port=80 in-interface=CLIENTES protocol=tcp
add action=add-dst-to-address-list address-list=orkut address-list-timeout=\
4w2d chain=prerouting comment=Orkut content=orkut.com.br disabled=no \
dst-port=80 in-interface=CLIENTES protocol=tcp
add action=mark-connection chain=output comment="Hotspot - Full" disabled=no \
new-connection-mark=hotspot-out out-interface=CLIENTES passthrough=yes \
protocol=udp src-port=64872
add action=mark-connection chain=output comment="" disabled=no \
new-connection-mark=hotspot-out out-interface=CLIENTES passthrough=yes \
protocol=tcp src-port=64872
add action=mark-connection chain=output comment="" disabled=no \
new-connection-mark=hotspot-out out-interface=CLIENTES passthrough=yes \
protocol=tcp src-port=64873
add action=mark-connection chain=output comment="" disabled=no \
new-connection-mark=hotspot-out out-interface=CLIENTES passthrough=yes \
protocol=tcp src-port=64874
add action=mark-connection chain=output comment="" disabled=no \
new-connection-mark=hotspot-out out-interface=CLIENTES passthrough=yes \
protocol=tcp src-port=64875
add action=mark-connection chain=prerouting comment="QoS - MSN" disabled=no \
dst-port=1863 new-connection-mark=Messenger-Conexao passthrough=yes \
protocol=tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=\
1863 new-connection-mark=Messenger-Conexao passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=\
6891-6901 new-connection-mark=Messenger-Conexao passthrough=yes protocol=\
tcp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=\
6891-6901 new-connection-mark=Messenger-Conexao passthrough=yes protocol=\
udp
add action=mark-connection chain=prerouting comment="" disabled=no dst-port=\
5190 new-connection-mark=Messenger-Conexao passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="" connection-mark=\
Messenger-Conexao disabled=no new-packet-mark=Messenger-Pacotes \
passthrough=no
add action=mark-connection chain=prerouting comment=YOU disabled=no \
new-connection-mark=you_conn passthrough=yes src-address-list=youtube
add action=mark-packet chain=prerouting comment="" connection-mark=you_conn \
disabled=no new-packet-mark=you_packet passthrough=yes
add action=mark-connection chain=prerouting comment=4SH disabled=no \
new-connection-mark=4sh_conn passthrough=yes src-address-list=4shared
add action=mark-packet chain=prerouting comment="" connection-mark=4sh_conn \
disabled=no new-packet-mark=4sh_packet passthrough=yes
add action=mark-connection chain=prerouting comment=MEGA disabled=no \
new-connection-mark=mega_conn passthrough=yes src-address-list=megaupload
add action=mark-packet chain=prerouting comment="" connection-mark=mega_conn \
disabled=no new-packet-mark=mega_packet passthrough=yes
add action=mark-connection chain=prerouting comment=RAPID disabled=no \
new-connection-mark=rapid_conn passthrough=yes src-address-list=\
rapidshare
add action=mark-packet chain=prerouting comment="" connection-mark=rapid_conn \
disabled=no new-packet-mark=rapid_packet passthrough=yes
add action=mark-connection chain=output comment=ORK content=orkut.com \
disabled=no new-connection-mark=ork_conn passthrough=yes
add action=mark-packet chain=output comment="" connection-mark=ork_conn \
disabled=no new-packet-mark=ork_packet passthrough=yes
add action=mark-packet chain=output comment=";;; HIT TRAFFIC FROM PROXY " \
disabled=no dscp=!4 new-packet-mark=proxy-hit out-interface=CLIENTES \
passthrough=no
add action=mark-packet chain=prerouting comment=";;; UP TRAFFIC" disabled=no \
in-interface=CLIENTES new-packet-mark=proxy-up passthrough=no \
src-address=192.168.2.0/24
add action=mark-connection chain=forward comment=";;; CONN-MARK" disabled=no \
new-connection-mark=proxy-conn passthrough=yes src-address=192.168.2.0/24
add action=mark-packet chain=forward comment=";;; DOWN-DIRECT CONNECTION" \
connection-mark=proxy-conn disabled=no in-interface=LINK new-packet-mark=\
proxy-down passthrough=no
add action=mark-packet chain=output comment=";;; DOWN-VIA PROXY" disabled=no \
new-packet-mark=proxy-down out-interface=CLIENTES passthrough=no \
src-address=192.168.2.0/24
add action=mark-connection chain=prerouting comment="Controle P2P" disabled=\
no new-connection-mark=p2p_conn p2p=all-p2p passthrough=yes
add action=mark-packet chain=prerouting comment="" connection-mark=p2p_conn \
disabled=no new-packet-mark=p2p passthrough=yes
add action=change-mss chain=forward comment="Alterar MSS do MSN para 1440" \
disabled=no dst-port=1863 new-mss=1440 protocol=tcp tcp-flags=syn \
tcp-mss=1441-65535
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
disabled=no src-address=192.168.2.0/24
add action=redirect chain=dstnat comment=\
"redirecionamento porta 80 para webproxy 3128" disabled=no dst-port=80 \
in-interface=CLIENTES protocol=tcp src-address=192.168.2.0/24 to-ports=\
3128
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667,3128
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no
ja nao aguento mais tentar seguir algum tutorial que nunca da certo,
desde já agradeço a qualquer ajuda, abraços