Article Title: RouterOS2.9 transparent proxy setting method. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
In fact, there are three parts to be set (all red fonts can be customized)
The first is to set the WEB-PROXY.
The command line is like this.
/Ip web-proxy set enabled = yes src-address = 0.0.0.0 port = 8080 hostname = "192.168.1.1" \ transparent-proxy = yes parent-proxy = 0.0.0.0: 0 \ cache-administrator = "webmaster" max-object-size = "4096 kB" \ cache-drive = system max-cache-size = 500
2nd is open DST-NAT
/Ip firewall dst-nat add src-address = 192.168.1.0/24 in-interface = lan \ dst-address =! 192.168.1.1/32: 80 protocol = tcp action = redirect \ to-dst-address = 192.168.1.1 to-dst-port = 8080 comment = "" disabled = no
(Blue is the key. Many people say that after WEB-PROXY is set, WINBOX cannot be connected. In fact, you do not need to change the WWW Service port, which is even worse)
Third, DNS settings
/Ip dns set primary-dns = 202.103.224.68 secondary-dns = 202.103.225.68 \ allow-remote-requests = yes cache-size = "2096 kB" cache-max-ttl = 7d
I just want to add 1 today
Follow the common setting method
Will discard the invalid package
However, this FORWARD rule will affect WEB-PROXY.
Invalidate PROXY!
/Ip firewall rule forward add connection-state = invalid action = drop comment = "Drop invald packets" \ disabled = no