But now I'd like to insert a transparent squid proxy to cache the client traffic.
This image explains how I configured my network
I already have a server running squid in transparent mode, if I set it up (192.168.1.111:3128) in my browser works correctly.
I configured the proxy that comes with RouterOS and I've defined my squid server as a parent, if I configure this proxy in my browser (192.168.1.130:8080) also works well and requests are sent correctly to the squid server (I can see them in the log).
The problem is to redirect http traffic to the proxy since I can not configure the proxy on all browsers of my clients.
I'm using NAT rules to try to redirect this traffic, but is not working properly, the router intercepts packets to port 80 and sends the ROS proxy, and this, send the packet to the squid proxy (I can see the requests in the squid log), but in the browsers of clients the page does not load
Here is my config:
NAT
Code: Select all
add action=redirect chain=dstnat comment="" disabled=no dst-port=80 protocol=tcp to-ports=8080
Code: Select all
/ip proxy
set always-from-cache=no cache-administrator="mE <mymail@gmail.com>" cache-hit-dscp=4 cache-on-disk=no enabled=yes max-cache-size=none \
max-client-connections=3600 max-fresh-time=3d max-server-connections=3600 parent-proxy=192.168.1.111 parent-proxy-port=3128 port=8080 \
serialize-connections=no src-address=222.222.222.21
/ip proxy access
add action=allow comment="" disabled=no dst-address=0.0.0.0 dst-port=0-65535 src-address=0.0.0.0
Code: Select all
1265969180.926 273 222.222.222.21 TCP_MISS/302 566 GET http://mikrotik.com/ - DIRECT/159.148.147.196 text/html
1265969218.747 99 222.222.222.21 TCP_MISS/200 590 GET http://clients1.google.es/complete/search? - DIRECT/209.85.229.101 text/javascript
1265969219.112 0 222.222.222.21 TCP_MEM_HIT/200 595 GET http://clients1.google.es/complete/search? - NONE/- text/javascript
1265969219.313 0 222.222.222.21 TCP_HIT/301 677 GET http://google.es/ - NONE/- text/html
