amigo, mudei as minhas regras, que era de acordo com o wiki da mikrotik, mas não rodava junto com o hotspot para usar igual as do m4d3, com a difereça que adptei para 2 links, vou postar abaixo meu ,firewall mangle,nat, route ,ip address, para que vocês possa olhar e ver o que tem de errado ..
Código :
/ip address add address=172.16.0.254/24 broadcast=172.16.0.255 comment="Rede Local - Clientes Prefeitura" disabled=no interface="Rede Local" network=\ 172.16.0.0 add address=189.80.16.82/29 broadcast=189.80.16.87 comment="Ip Link 256" disabled=no interface="Oi UP 256" network=189.80.16.80 add address=189.80.219.82/29 broadcast=189.80.219.87 comment="Ip Link 512" disabled=no interface="Oi UP 512" network=189.80.219.80 add address=10.10.10.1/24 broadcast=10.10.10.255 comment="Rede Local - Clientes Rua" disabled=no interface="Rede Local" network=10.10.10.0
Código :
/ip firewall mangle add action=mark-connection chain=forward comment="" disabled=no new-connection-mark=conexao-p2p p2p=all-p2p passthrough=yes add action=mark-packet chain=forward comment="" connection-mark=conexao-p2p disabled=no new-packet-mark=pacotes-p2p passthrough=no add action=accept chain=prerouting comment="SEM BALANCE" disabled=no dst-address-list=sem_balance in-interface="Rede Local" add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface="Oi UP 256" new-connection-mark=conn_na \ passthrough=yes add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface="Oi UP 512" new-connection-mark=conn_na \ passthrough=yes add action=mark-routing chain=output comment="" connection-mark=conn_na disabled=no new-routing-mark=to_ra passthrough=no add action=mark-routing chain=output comment="" connection-mark=conn_nb disabled=no new-routing-mark=to_rb passthrough=no add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local in-interface="Rede Local" new-connection-mark=conn_ma0 \ passthrough=yes per-connection-classifier=both-addresses:2/0 add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local in-interface="Rede Local" new-connection-mark=conn_mb1 \ passthrough=yes per-connection-classifier=both-addresses:2/1 add action=mark-routing chain=prerouting comment="" connection-mark=conn_ma0 disabled=no in-interface="Rede Local" new-routing-mark=to_nra \ passthrough=no add action=mark-routing chain=prerouting comment="" connection-mark=conn_mb1 disabled=no in-interface="Rede Local" new-routing-mark=to_nrb \ passthrough=no
Código :
/ip firewall nat add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes add action=masquerade chain=srcnat comment="masquerade hotspot network" disabled=no src-address=10.10.10.0/24 add action=redirect chain=dstnat comment="Redirecionar para Proxy" disabled=yes dst-address-list=sem_proxy dst-port=80 protocol=tcp to-ports=8080 add action=masquerade chain=srcnat comment="MASCARAMENTO PCC" disabled=no out-interface="Oi UP 512" add action=masquerade chain=srcnat comment="" disabled=no out-interface="Oi UP 256" add action=masquerade chain=srcnat comment="" disabled=no
Código :
/ip route add comment="" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=189.80.219.81 scope=30 target-scope=10 add comment="" disabled=no distance=3 dst-address=0.0.0.0/0 gateway=189.80.16.81 scope=30 target-scope=10 add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=189.80.219.81 routing-mark=to_nra scope=30 target-scope=10 add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=189.80.16.81 routing-mark=to_nrb scope=30 target-scope=10