Ta ai minhas regras:
Código PHP:
/ip firewall filter> print
Flags: X - disabled, I - invalid, D - dynamic
0 X ;;; place hotspot rules here
chain=unused-hs-chain action=passthrough
1 ;;; block external proxy
chain=input action=drop protocol=tcp in-interface=INTERNET dst-port=3128
2 ;;; accept connections from proxy
chain=input action=accept protocol=tcp dst-port=3128
Código PHP:
/ip firewall mangle> print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; mark connection *conn_squid-up*
chain=output action=mark-connection new-connection-mark=conn_squid-up
passthrough=yes protocol=tcp src-port=3128 content=X-Cache: HIT
1 ;;; mark packet *pacotes_squid-up*
chain=output action=mark-packet new-packet-mark=pacotes_squid-up
passthrough=yes connection-mark=conn_squid-up
2 ;;; mark connection *conn_squid-down*
chain=prerouting action=mark-connection
new-connection-mark=conn_squid-down passthrough=yes protocol=tcp
dst-port=3128
3 ;;; mark packet *pacotes_squid-down*
chain=prerouting action=mark-packet new-packet-mark=pacotes_squid-down
passthrough=yes connection-mark=conn_squid-down
Código PHP:
/ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic
0 X ;;; place hotspot rules here
chain=unused-hs-chain action=passthrough
1 ;;; masquerade hotspot network
chain=srcnat action=masquerade src-address=192.168.10.0/24
2 ;;; nat
chain=srcnat action=masquerade src-address=192.168.10.0/24
out-interface=LOCAL
3 ;;; redirect port 80 to 3128
chain=dstnat action=redirect to-ports=3128 protocol=tcp
src-address=192.168.10.0/24 dst-port=80
Código PHP:
/queue tree> print
Flags: X - disabled, I - invalid
0 name="downstream" parent=global-in packet-mark=pacotes_squid-down
limit-at=0 queue=default priority=1 max-limit=4000000 burst-limit=0
burst-threshold=0 burst-time=0s
1 name="upstream" parent=global-out packet-mark=pacotes_squid-up limit-at=0
queue=default priority=1 max-limit=4000000 burst-limit=0
burst-threshold=0 burst-time=0s
Código PHP:
/ip proxy> print
enabled: yes
src-address: 0.0.0.0
port: 3128
parent-proxy: 0.0.0.0
parent-proxy-port: 0
cache-administrator: "webmaster"
max-cache-size: 31457280KiB
cache-on-disk: yes
max-client-connections: 600
max-server-connections: 600
max-fresh-time: 3d
serialize-connections: no
always-from-cache: no
cache-hit-dscp: 4
cache-drive: primary-master