/ip proxy
set always-from-cache=no cache-administrator="webmaster" cache-hit-dscp=4 \
cache-on-disk=no enabled=yes max-cache-size=none max-client-connections=\
600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 \
parent-proxy-port=0 port=3128 serialize-connections=no src-address=\
0.0.0.0
===========================================================================
/ip proxy access
add action=deny comment=proxy disabled=no src-address=192.168.20.0/24
===========================================================================
/ip firewall nat
add action=redirect chain=dstnat comment=Redirect disabled=no in-interface=\
local port=3128 protocol=\
tcp src-address-list=!allow to-ports=3128
===========================================================================
/system script
add name=allow policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=\
"/ip proxy access set [find comment=\"proxy\"] action=allow"
add name=deny policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=\
"/ip proxy access set [find comment=\"proxy\"] action=deny"
===========================================================================
/system scheduler
add comment="" disabled=no interval=1w name=allow on-event=allow policy=\
reboot,read,write,policy,test,password,sniff,sensitive start-date=\
may/02/2012 start-time=12:00:00
add comment="" disabled=no interval=1w name=deny on-event=deny policy=\
reboot,read,write,policy,test,password,sniff,sensitive start-date=\
may/02/2012 start-time=13:00:00
Loadbalancing 2 Speedy
/interface
Set 0 name=modem1
Set 1 name=modem2
Set 2 name=local
============================================================================
/ip address
add address=192.168.1.2/24 netmask=255.255.255.0 interface=modem1
add address=192.168.2.2/24 netmask=255.255.255.0 interface=modem2
add address=192.168.20.1/24 netmask=255.255.255.0 interface=local
============================================================================
/ip firewall mangle
add chain=prerouting action=mark-connection new-connection-mark=modem1
passthrough=yes connection-state=new in-interface=local nth=2,1
add chain=prerouting action=mark-routing new-routing-mark=modem1
passthrough=no in-interface=local connection-mark=modem1
add chain=prerouting action=mark-connection new-connection-mark=modem2
passthrough=yes connection-state=new in-interface=local nth=2,2
add chain=prerouting action=mark-routing new-routing-mark=modem2
passthrough=no in-interface=local connection-mark=modem2
============================================================================
/ip firewall nat
add chain=srcnat action=masquerade out-interface=modem1
add chain=srcnat action=masquerade out-interface=modem2
============================================================================
Set 0 name=modem1
Set 1 name=modem2
Set 2 name=local
============================================================================
/ip address
add address=192.168.1.2/24 netmask=255.255.255.0 interface=modem1
add address=192.168.2.2/24 netmask=255.255.255.0 interface=modem2
add address=192.168.20.1/24 netmask=255.255.255.0 interface=local
============================================================================
/ip firewall mangle
add chain=prerouting action=mark-connection new-connection-mark=modem1
passthrough=yes connection-state=new in-interface=local nth=2,1
add chain=prerouting action=mark-routing new-routing-mark=modem1
passthrough=no in-interface=local connection-mark=modem1
add chain=prerouting action=mark-connection new-connection-mark=modem2
passthrough=yes connection-state=new in-interface=local nth=2,2
add chain=prerouting action=mark-routing new-routing-mark=modem2
passthrough=no in-interface=local connection-mark=modem2
============================================================================
/ip firewall nat
add chain=srcnat action=masquerade out-interface=modem1
add chain=srcnat action=masquerade out-interface=modem2
============================================================================
/ip route
add gateway=192.168.1.1
add gateway=192.168.2.1 routing-mark=modem2
Langganan:
Postingan (Atom)
