+ Responder ao Tópico



  1. #1

    Lightbulb Como Configurar webproxy para mikrotik 5.20 ???

    Olá pessoal, atualizamos recentimente a versão do nosso mikrotik para a 5.20, porem no backup que fizemos o cache não está funcionando, gostaria de ajuda para fazer o mesmo, abraçs.

  2. #2

    Padrão Re: Como Configurar webproxy para mikrotik 5.20 ???

    Verificou a regra:

    /ip firewall nat add chain=dstnat protocol=tcp port=80
    action=redirect to-ports=8080

    para redirecionar tudo que for porta 80 para a porta do seu webproxy 8080 ou 3128 ou outra porta que vc usa



  3. #3

    Padrão Re: Como Configurar webproxy para mikrotik 5.20 ???

    aproveitei seu problema e testei em uma RB com a versão 5.21 e funcionamento perfeito

  4. #4

    Padrão Re: Como Configurar webproxy para mikrotik 5.20 ???

    Citação Postado originalmente por leoservice Ver Post
    aproveitei seu problema e testei em uma RB com a versão 5.21 e funcionamento perfeito
    funciona com uma máquina.
    coloque tipo 50 máquinas pra vc ver.
    não funciona 3 horas.
    dai começa lentidão ,algumas páginas abre outras não.
    alguns computadores funciona, outros não.

    cara seria o sonho de todo provedor,
    se pelo menos,veja bem, se pelo menos cache de páginas funcionasse direito. ( digo 100%)

    desculpe meu descontentamento com cache's não é nada pessoal.
    único cache de páginas que vi funcionar +ou- foi do pfsense.
    agora de videos não vi nenhum ainda funcionar sem dar umas zica de vez em quando.
    funciona bem só da gvt. rsrsrs





  5. #5

    Padrão Re: Como Configurar webproxy para mikrotik 5.20 ???

    Citação Postado originalmente por leoservice Ver Post
    Verificou a regra:

    /ip firewall nat add chain=dstnat protocol=tcp port=80
    action=redirect to-ports=8080

    para redirecionar tudo que for porta 80 para a porta do seu webproxy 8080 ou 3128 ou outra porta que vc usa

    Olá, fui em newterminal e colei as regras, fui lá no webproxy, porem nao ta contando nada...

  6. #6

    Padrão Re: Como Configurar webproxy para mikrotik 5.20 ???

    Uso aqui em empresas para controle de acesso a internet, mas claro que configuração limitando o tamanho do cache no osso para não dar estes problemas.

    Para provedor o objetivo é realmente outro, economia de link, velocidade etc. Mas pra mim funciona muito bem para controle de acesso a web.

    Qual será que a GVT usa? Próprio?



  7. #7

    Padrão Re: Como Configurar webproxy para mikrotik 5.20 ???

    Citação Postado originalmente por eneolliver Ver Post
    Olá, fui em newterminal e colei as regras, fui lá no webproxy, porem nao ta contando nada...
    Mas no Webproxy esta configurado a porta 8080? Como esta o status do Webproxy no rodapé?

  8. #8

    Padrão Re: Como Configurar webproxy para mikrotik 5.20 ???

    Tenho um problema parecido.
    Acompanhando o tópico por enquanto...



  9. #9

    Padrão Re: Como Configurar webproxy para mikrotik 5.20 ???

    Tambem sou doido pra saber qual a GVT usa.

  10. #10

    Padrão Re: Como Configurar webproxy para mikrotik 5.20 ???

    Boa Tarde Galera espero ajudar voce vou passar para voces configuração da Cache full + Proxy.
    /IP Firewall nat
    add action=redirect chain=dstnat comment="Redirecionamento do Proxy" disabled=\
    no dst-port=80 protocol=tcp to-ports=8080
    /ip proxy
    set always-from-cache=yes cache-administrator=webmaster cache-hit-dscp=4 \
    cache-on-disk=yes enabled=yes max-cache-size=unlimited \
    max-client-connections=600 max-fresh-time=3d max-server-connections=600 \
    parent-proxy=0.0.0.0 parent-proxy-port=0 port=8080 serialize-connections=\
    no src-address=0.0.0.0
    /ip proxy cache
    add action=deny disabled=no dst-host=":cgi-bin \\\?" dst-port=""
    add action=deny disabled=no dst-host=https: dst-port="" path=/
    add action=allow disabled=no dst-host=http: dst-port="" path=\
    /www.rjnet.com.br/2velocimetro.php
    add action=allow disabled=no dst-host=http: dst-port="" path=/www.terra.com.br
    add action=deny disabled=no dst-host=":cgi-bin \\\\\\\?" dst-port=""
    add action=deny disabled=no dst-host=https: dst-port="" path=/
    add action=allow disabled=no dst-host=http: dst-port="" path=\
    /www.rapidus.com.br/velocidade/
    add action=allow disabled=no dst-host=http: dst-port="" path=/www.bol.com.br
    add action=allow disabled=no dst-host=http: dst-port="" path=/www.orkut.com
    add action=allow disabled=no dst-host=http: dst-port="" path=\
    /www.autonoma.com.br/medidor/meter.php
    add action=allow disabled=no dst-host=http: dst-port="" path=\
    /medidor.brisanet.com.br/
    add action=deny disabled=no dst-host=https: dst-port="" path=\
    /portal.directv.com.br
    add action=deny disabled=no dst-host=http: dst-port="" path=\
    /chat03.terra.com.br/
    add action=allow disabled=no dst-host=http*youtube*get_video* dst-port=""
    add action=allow disabled=no dst-host=http*youtube*video* dst-port=""
    add action=allow disabled=no dst-host="http*youtube*yva_get_video_inf o*" \
    dst-port=""
    add action=allow disabled=no dst-host="\":\\\\\\\\.flv\$\"" dst-port=""
    add action=allow disabled=no dst-host=http*globo*get_video* dst-port=""
    add action=allow disabled=no dst-host=http*globo*video* dst-port=""
    add action=allow disabled=no dst-host=http*googlevideo*get_video* dst-port=""
    add action=allow disabled=no dst-host=http*googlevideo*video* dst-port=""
    add action=allow disabled=no dst-host=http*video.google*get_video* dst-port=""
    add action=allow disabled=no dst-host=http*video.google*video* dst-port=""
    add action=allow disabled=no dst-host=http*videoplay* dst-port=""
    add action=allow disabled=no dst-host=http*74.125.15.83*get_video* dst-port=""
    add action=allow disabled=no dst-host=: dst-port="" path=:.swf*
    add action=deny disabled=no dst-host=":cgi-bin \\\?" dst-port=""
    add action=deny disabled=no dst-host=https: dst-port="" path=/
    add action=deny disabled=no dst-host=":cgi-bin \\\?" dst-port=""
    add action=deny disabled=no dst-host=start.com.br dst-port=""
    add action=deny disabled=no dst-host=http: dst-port="" path=/speed
    add action=deny disabled=no dst-host=https: dst-port="" path=/
    add action=allow disabled=no dst-host=":\\.exe\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.zip\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.mpeg\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.avi\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.pdf\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.css\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.rar\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.mov\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.mpg\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.iso\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.bin\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.dat\$" dst-port=""
    add action=allow disabled=no dst-host=www.terra.com.br dst-port=""
    add action=deny disabled=no dst-host=":cgi-bin \\\\\\\?" dst-port=""
    add action=deny disabled=no dst-host=https:/ dst-port=""
    add action=allow disabled=no dst-host=http: dst-port="" path=\
    /www.rapidus.com.br/velocidade/
    add action=allow disabled=no dst-host=http: dst-port="" path=/www.bol.com.br
    add action=allow disabled=no dst-host=http: dst-port="" path=/www.orkut.com
    add action=allow disabled=no dst-host=http: dst-port="" path=\
    /www.autonoma.com.br/medidor/meter.php
    add action=allow disabled=no dst-host=http: dst-port="" path=\
    /medidor.brisanet.com.br/
    add action=deny disabled=no dst-host=https: dst-port="" path=\
    /portal.directv.com.br
    add action=deny disabled=no dst-host=http://chat03.terra.com.br/ dst-port=""
    add action=allow disabled=no dst-host=http*youtube*get_video* dst-port=""
    add action=allow disabled=no dst-host=http*youtube*video* dst-port=""
    add action=allow disabled=no dst-host="http*youtube*yva_get_video_inf o*" \
    dst-port=""
    add action=allow disabled=no dst-host="\":\\\\\\\\.flv\$\"" dst-port=""
    add action=allow disabled=no dst-host=http*globo*get_video* dst-port=""
    add action=allow disabled=no dst-host=http*globo*video* dst-port=""
    add action=allow disabled=no dst-host=http*googlevideo*get_video* dst-po
    add action=allow disabled=no dst-host=http*googlevideo*video* dst-port="
    add action=allow disabled=no dst-host=http*video.google*get_video* dst-p
    add action=allow disabled=no dst-host=http*video.google*video* dst-port=
    add action=allow disabled=no dst-host=http*videoplay* dst-port=""
    add action=allow disabled=no dst-host=http*74.125.15.83*get_video* dst-p
    add action=allow disabled=no dst-host=::.swf* dst-port="" path=""
    add action=deny disabled=no dst-host=":cgi-bin \\\?" dst-port=""
    add action=deny disabled=no dst-host=":cgi-bin \\\?" dst-port=""
    add action=deny disabled=no dst-host=start.com.br dst-port=""
    add action=deny disabled=no dst-host=http://speed dst-port="" path=""
    add action=allow disabled=no dst-host=":\\.exe\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.zip\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.mpeg\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.avi\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.pdf\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.css\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.rar\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.mov\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.mpg\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.iso\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.bin\$" dst-port=""
    add action=allow disabled=no dst-host=":\\.dat\$" dst-port=""
    /ip firewall mangle
    add action=mark-connection chain=output comment="2-PROXY FULL" disabled=no \
    dscp=4 new-connection-mark=proxyfull passthrough=yes protocol=tcp \
    src-port=8080
    add action=mark-packet chain=output connection-mark=proxyfull disabled=no \
    new-packet-mark=proxyfull passthrough=yes
    add action=return chain=output connection-mark=proxyfull disabled=no
    /queue tree
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=5M \
    max-limit=5M name="2 - CACHE-FULL" packet-mark=proxyfull parent=\
    global-out priority=1 queue=default



  11. #11

    Padrão Re: Como Configurar webproxy para mikrotik 5.20 ???

    Preciso muito da ajuda de vocês, amigos, tenho um mk 5.18 x86. Os downloads dos clientes são interrompidos depois de 20mb baixados. Os menores baixam numa boa. Tenho um link de 10 mb e clientes em ppoe e hotspot no mesmo servidor no mesmo pool de ip. Aparentemente tudo numa boa. Já ouvi conselhos de alterar os time-out dos clientes os idle-time também. Tudo sem resultado. Alguém pode me dar uma dica?..... Detalhe. Se eu reiniciar o servidor agora ele baixa os arquivos de 100mb 200mb normalmente. Só que depois de um tempo ele dá a zica... interrompe os downloads depois de 20mb. Não tenho regras mirabolantes. vou postar minhas regras do firewall
    /ip firewall layer7-protocol
    add comment="Marca Radios" name=Radios regexp="asx|radio|asx|app.radio|applicati\
    on/mplayer2|application|mplayer2|video/x-ms-asf-plugin|asx|swf|x-ms-asf-plug\
    in|http://aovivo.ne10.uol.com.br/radioj...radio=cbn|wmx\
    |shoutcast"
    add name="Marca Videos" regexp=player
    add name=Tv-online regexp=flv|.f4v|.f4p|.f4a|.f4b||video|x-flv|video|mp4
    add name=JCCBN regexp=jc
    add name=Medidor regexp=speed
    add name=Youtube regexp="^.+(c.youtube.com).*\$"
    add name=100bao regexp="^\01\01\05\
    \n"
    /ip firewall address-list
    add address=69.147.95.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
    list=nobalance
    add address=209.191.106.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
    list=nobalance
    add address=74.6.228.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
    list=nobalance
    add address=98.136.131.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
    list=nobalance
    add address=200.143.37.0/24 comment="\"\"\"\"WEBMOTORS\"\"\"\"" disabled=no \
    list=nobalance
    add address=65.54.0.0/16 comment=MSN1 disabled=no list=nobalance
    add address=207.46.0.0/16 comment=MSN2 disabled=no list=nobalance
    add address=64.4.0.0/16 comment=MSN3 disabled=no list=nobalance
    add address=200.143.0.0/16 comment=Pagdigital disabled=no list=nobalance
    add address=201.88.0.0/16 comment=f2b disabled=no list=nobalance
    add address=200.201.0.0/16 comment="caixa economica" disabled=no list=nobalance
    add address=170.66.0.0/16 comment="bb do brasil" disabled=no list=nobalance
    add address=200.155.0.0/16 comment=bradesco disabled=no list=nobalance
    add address=200.196.0.0/16 comment=itau disabled=no list=nobalance
    add address=200.208.0.0/16 comment=sudameris disabled=no list=nobalance
    add address=200.220.0.0/16 comment=santander disabled=no list=nobalance
    add address=201.63.0.0/16 comment="wwws bradesco" disabled=no list=nobalance
    add address=65.55.0.0/16 comment=MSN4 disabled=no list=nobalance
    add address=74.52.0.0/16 comment="caixa economica" disabled=no list=nobalance
    add address=174.133.0.0/16 comment="caixa economica" disabled=no list=nobalance
    add address=200.219.137.0/24 disabled=no list=nobalance
    add address=200.252.8.0/24 disabled=no list=nobalance
    add address=201.2.207.0/24 disabled=no list=nobalance
    add address=200.196.226.0/24 disabled=no list=nobalance
    add address=201.24.72.0/24 disabled=no list=nobalance
    add address=78.46.46.139 disabled=no list=nobalance
    add address=69.147.95.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
    list=nobalance
    add address=209.191.106.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
    list=nobalance
    add address=74.6.228.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
    list=nobalance
    add address=98.136.131.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
    list=nobalance
    add address=200.143.37.0/24 comment="\"\"\"\"WEBMOTORS\"\"\"\"" disabled=no \
    list=nobalance
    add address=65.54.0.0/16 comment=MSN1 disabled=no list=nobalance
    add address=207.46.0.0/16 comment=MSN2 disabled=no list=nobalance
    add address=64.4.0.0/16 comment=MSN3 disabled=no list=nobalance
    add address=200.143.0.0/16 comment=Pagdigital disabled=no list=nobalance
    add address=201.88.0.0/16 comment=f2b disabled=no list=nobalance
    add address=200.201.0.0/16 comment="caixa economica" disabled=no list=nobalance
    add address=170.66.0.0/16 comment="bb do brasil" disabled=no list=nobalance
    add address=200.155.0.0/16 comment=bradesco disabled=no list=nobalance
    add address=200.196.0.0/16 comment=itau disabled=no list=nobalance
    add address=200.208.0.0/16 comment=sudameris disabled=no list=nobalance
    add address=200.220.0.0/16 comment=santander disabled=no list=nobalance
    add address=201.63.0.0/16 comment="wwws bradesco" disabled=no list=nobalance
    add address=65.55.0.0/16 comment=MSN4 disabled=no list=nobalance
    add address=74.52.0.0/16 comment="caixa economica" disabled=no list=nobalance
    add address=74.125.0.0/16 comment="caixa economica" disabled=no list=nobalance
    add address=174.133.0.0/16 comment="caixa economica" disabled=no list=nobalance
    add address=200.219.137.0/24 disabled=no list=nobalance
    add address=200.252.8.0/24 disabled=no list=nobalance
    add address=201.2.207.0/24 disabled=no list=nobalance
    add address=200.196.226.0/24 disabled=no list=nobalance
    add address=201.24.72.0/24 disabled=no list=nobalance
    add address=78.46.46.139 disabled=no list=nobalance
    add address=200.147.22.115 disabled=no list=nobalance
    add address=200.147.36.16 disabled=no list=nobalance
    add address=200.147.100.28 disabled=no list=nobalance
    add address=208.117.224.0/24 disabled=no list=Youtube
    add address=208.117.225.0/24 disabled=no list=Youtube
    add address=208.117.228.0/24 disabled=no list=Youtube
    add address=208.117.229.0/24 disabled=no list=Youtube
    add address=208.117.232.0/24 disabled=no list=Youtube
    add address=208.117.233.0/24 disabled=no list=Youtube
    add address=208.117.234.0/24 disabled=no list=Youtube
    add address=208.117.238.0/24 disabled=no list=Youtube
    add address=208.65.152.0/24 disabled=no list=Youtube
    add address=208.65.153.0/24 disabled=no list=Youtube
    add address=208.65.154.0/24 disabled=no list=Youtube
    add address=64.15.112.0/20 disabled=no list=Youtube
    add address=208.117.236.0/24 disabled=no list=Youtube
    add address=74.125.96.0/19 disabled=no list=Youtube
    add address=72.14.221.0/24 disabled=no list=Youtube
    add address=84.53.128.0/18 comment=Redtube disabled=no list=Youtube
    add address=87.248.192.0/19 comment=Youporn disabled=no list=Youtube
    add address=216.155.128.0/19 comment=Redtube disabled=no list=Youtube
    add address=208.73.208.0/21 comment=Redtube disabled=no list=Youtube
    add address=66.55.140.0/23 comment=Redtube disabled=no list=Youtube
    add address=74.125.208.0/24 disabled=no list=Youtube
    add address=189.28.144.12 disabled=no list=medidor
    add address=198.173.106.104 disabled=no list=medidor
    add address=200.233.43.14 disabled=no list=medidor
    add address=67.15.120.26 disabled=no list=medidor
    add address=200.233.47.4 disabled=no list=medidor
    add address=200.216.69.232 disabled=no list=medidor
    add address=72.232.17.106 disabled=no list=medidor
    add address=208.48.246.14 disabled=no list=medidor
    add address=201.7.176.59 disabled=no list=medidor
    add address=200.203.134.5 disabled=no list=medidor
    add address=208.109.101.166 disabled=no list=medidor
    add address=200.181.108.29 disabled=no list=medidor
    add address=75.126.168.3 disabled=no list=medidor
    add address=200.229.0.164 disabled=no list=medidor
    add address=200.185.109.83 disabled=no list=medidor
    add address=204.16.1.252 disabled=no list=medidor
    add address=189.44.84.20 disabled=no list=medidor
    add address=200.159.128.189 disabled=no list=medidor
    add address=200.195.0.0/24 disabled=no list=speed
    add address=200.98.131.15 comment="MINHA CONEXAO" disabled=no list=medidor
    add address=186.202.179.180 disabled=no list=nobalance
    add address=200.221.0.0/16 disabled=no list=nobalance
    add address=200.221.0.0/24 disabled=no list=nobalance
    add address=200.147.0.0/24 comment=JCCBN disabled=no list=nobalance
    add address=74.209.160.12 comment=http://www.speedtest.net/ disabled=no list=\
    medidor
    /ip firewall connection tracking
    set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
    tcp-close-wait-timeout=10s tcp-established-timeout=1d tcp-fin-wait-timeout=\
    10s tcp-last-ack-timeout=10s tcp-syn-received-timeout=5s \
    tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s \
    udp-stream-timeout=3m udp-timeout=10s
    /ip firewall filter
    add action=drop chain=forward comment="bloquear p2p" disabled=no p2p=all-p2p
    add action=accept chain=input comment="ACEITAR CONEXOES PROXY" disabled=yes \
    dst-port=8080 protocol=tcp
    add action=accept chain=input comment="ACEITAR RADIOS" disabled=no \
    layer7-protocol=Radios
    add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" \
    disabled=yes
    add action=accept chain=input comment="Melhorias No MSN" disabled=no dst-port=\
    1863 protocol=tcp
    add action=accept chain=input disabled=no protocol=tcp src-port=1863
    add action=accept chain=input disabled=no dst-port=443 protocol=tcp
    add action=accept chain=forward disabled=no dst-port=443 protocol=tcp

    Espero uma ajuda.
    Desde já obrigado

  12. #12

    Padrão Re: Como Configurar webproxy para mikrotik 5.20 ???

    aqui estão o restante das Regras
    /ip firewall mangle
    add action=mark-connection chain=output comment="2-PROXY FULL" disabled=no \
    dscp=4 new-connection-mark=proxyfull passthrough=yes protocol=tcp src-port=\
    8080
    add action=mark-packet chain=output connection-mark=proxyfull disabled=no \
    new-packet-mark=proxyfull passthrough=yes
    add action=return chain=output connection-mark=proxyfull disabled=no
    add action=mark-connection chain=output comment="2-PROXY FULL" disabled=yes \
    dscp=4 new-connection-mark=cache-hits passthrough=yes
    add action=mark-packet chain=output connection-mark=cache-hits disabled=yes \
    new-packet-mark=cache-hits passthrough=no
    add action=return chain=output connection-mark=cache-hits disabled=yes
    add action=mark-connection chain=prerouting comment="YOUTUBE - MARCAR PACOTES" \
    disabled=no layer7-protocol=Youtube new-connection-mark=YTB passthrough=yes
    add action=mark-packet chain=prerouting connection-mark=YTB disabled=no \
    new-packet-mark=youtube passthrough=no
    add action=mark-connection chain=postrouting disabled=no layer7-protocol=\
    Youtube new-connection-mark=YTB passthrough=yes
    add action=mark-packet chain=postrouting connection-mark=YTB disabled=no \
    new-packet-mark=youtube passthrough=no
    add action=mark-connection chain=prerouting comment=SPC content=spc disabled=no \
    new-connection-mark=JCCBN passthrough=yes
    add action=mark-connection chain=postrouting content=spc disabled=no \
    new-connection-mark=JCCBN passthrough=yes
    add action=mark-packet chain=prerouting connection-mark=JCCBN content=spc \
    disabled=no new-packet-mark=JCPACK passthrough=no
    add action=mark-packet chain=postrouting connection-mark=JCCBN disabled=no \
    layer7-protocol=JCCBN new-packet-mark=JCPACK passthrough=no
    add action=mark-connection chain=prerouting comment=BLOGSPOT content=blog \
    disabled=no new-connection-mark=BLG passthrough=yes
    add action=mark-connection chain=postrouting content=blog disabled=no \
    new-connection-mark=BLG passthrough=yes
    add action=mark-packet chain=prerouting connection-mark=BLG disabled=no \
    new-packet-mark=BLGPACK passthrough=no
    add action=mark-packet chain=postrouting connection-mark=BLG disabled=no \
    new-packet-mark=BLGPACK passthrough=no
    add action=mark-packet chain=prerouting disabled=no new-packet-mark=gradpack \
    passthrough=yes protocol=tcp src-port=9000-10000
    add action=mark-packet chain=postrouting disabled=no dst-port=9000-10000 \
    new-packet-mark=gradpack passthrough=yes protocol=tcp src-port=9000-10000
    add action=mark-connection chain=prerouting connection-mark=grad disabled=no \
    new-connection-mark=gradpack passthrough=yes protocol=tcp src-port=\
    9000-10000
    add action=mark-connection chain=postrouting disabled=no dst-port=9000-10000 \
    new-connection-mark=grad passthrough=yes protocol=tcp src-port=9000-10000
    /ip firewall nat
    add action=redirect chain=dstnat comment="Redirecionamento do Proxy" disabled=\
    no dst-port=80 protocol=tcp to-ports=8080
    add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" \
    disabled=yes
    add action=redirect chain=dstnat comment="Redirecionamento do Proxy" disabled=\
    yes dscp=4 dst-port=80 protocol=tcp src-address=192.168.30.0/24 to-ports=\
    8080
    add action=masquerade chain=srcnat comment="masquerade hotspot network" \
    disabled=no src-address=192.168.30.0/24 to-addresses=0.0.0.0
    add action=accept chain=dstnat comment=\
    "\"\"\"\"\"\"SERVI\C7OS NOBRES FORA DO PROXY\"\"\"\"\"\"" disabled=no \
    dst-address-list=nobalance
    add action=accept chain=dstnat comment=Radios disabled=yes layer7-protocol=\
    Radios
    add action=accept chain=dstnat comment=JC disabled=yes dst-address=\
    200.147.36.16 protocol=tcp
    add action=accept chain=dstnat comment=\
    "Com essas regras estabiliza o MSN,Hotmail,Gmail e outros" disabled=no \
    dst-address=207.46.0.0/16
    add action=accept chain=dstnat disabled=no dst-address=64.4.0.0/24
    add action=accept chain=dstnat disabled=no dst-address=65.54.0.0/24
    add action=accept chain=dstnat disabled=no dst-address=207.68.128.0/24
    add action=accept chain=dstnat disabled=no dst-address=64.4.0.0/24
    add action=accept chain=dstnat disabled=no dst-address=213.199.144.0/24
    add action=accept chain=dstnat disabled=no dst-address=65.52.0.0/24
    add action=accept chain=dstnat disabled=no dst-address=200.208.0.0/24
    add action=accept chain=dstnat disabled=no dst-address=200.249.150.0/24
    add action=accept chain=dstnat disabled=no dst-address=200.167.67.0/24
    add action=accept chain=dstnat disabled=no dst-address=200.179.42.0/24
    add action=accept chain=dstnat disabled=no dst-address=200.249.84.24
    add action=accept chain=dstnat disabled=no dst-address=200.201.173.24
    add action=accept chain=dstnat disabled=no dst-address=200.201.174.24
    add action=accept chain=dstnat disabled=no dst-address=200.220.254.24
    add action=accept chain=dstnat disabled=no dst-address=200.217.233.0/24
    add action=accept chain=dstnat disabled=no dst-address=200.172.181.0/24
    add action=accept chain=dstnat disabled=no dst-address=200.141.204.0/24
    add action=accept chain=dstnat comment=WinBox connection-limit=100,32 disabled=\
    no dst-port=8291 protocol=tcp time=0s-0s,sun,mon,tue,wed,thu,fri,sat
    add action=dst-nat chain=dstnat comment="acesso puty mk-auth" disabled=yes \
    dst-port=75 protocol=tcp to-addresses=172.31.255.2 to-ports=22
    add action=accept chain=dstnat comment="Radio Uol" disabled=no dst-address=\
    200.221.8.24 protocol=tcp
    add action=accept chain=dstnat comment=CEF disabled=no dst-address=200.201.0.16
    add action=accept chain=dstnat disabled=no src-address=200.155.0.16
    add action=accept chain=dstnat disabled=no dst-address=200.141.204.24
    add action=dst-nat chain=dstnat disabled=no dst-port=82 protocol=tcp \
    to-addresses=172.31.255.2 to-ports=10000
    add action=dst-nat chain=dstnat disabled=no dst-port=86 protocol=tcp \
    to-addresses=172.31.255.2 to-ports=80
    add action=accept chain=dstnat disabled=no dst-address=200.221.0.16 protocol=\
    tcp
    /ip firewall service-port
    set ftp disabled=no ports=21
    set tftp disabled=no ports=69
    set irc disabled=no ports=6667
    set h323 disabled=no
    set sip disabled=no ports=5060,5061 sip-direct-media=yes
    set pptp disabled=no



  13. #13

    Padrão Re: Como Configurar webproxy para mikrotik 5.20 ???

    essa regras evitam o cache do youtube? e de outros videos?