Subj
How i can make my mikrotik router as frontend server for my www services. If it posible...
Show examples pls.

A Mikrotik won't serve web pages. But you can forward ports to your webserver.
http://wiki.mikrotik.com/wiki/Forwardin ... nternal_IP

/ip firewall nat add chain=dstnat dst-address=69.69.69.69 protocol=tcp dst-port=80 \
action=dst-nat to-addresses=192.168.1.2

No. I have domains first.my-www.com and second.my-www.com on single ip-adres.
Need forward first to ip 10.10.10.1 and second to 10.10.10.2 in my DMZ.

No. I have domains first.my-www.com and second.my-www.com on single ip-adres.
Need forward first to ip 10.10.10.1 and second to 10.10.10.2 in my DMZ.

I can't think of a way to do this. Only if you had two public IP addresses

There's a way, documented in wiki: Multiple Web Servers

It's limited to http only and it's hard to tell how reliability and performance would be, but it may be good enough for some uses.

This is a VERY BAD IDEA and a dangerous article. Basically you are making an open proxy for everyone on the internet, without any control or security.

There are access rules mentioned at the end of article and even explicit warning about how important they are. I'm not saying the whole thing is prefered solution, but it should be safe.

There are access rules mentioned at the end of article and even explicit warning about how important they are. I'm not saying the whole thing is prefered solution, but it should be safe.

I was so worried, that didn't read to the end. Ok then.

Thank you! I try it.

Maybe IP > Firewall > Layer 7 Protocols could work for http-only connections?

This function is supposed to scan the first 1024 bytes of a packet for something that matches a given regex. Apply it tcp packets, connection-state=new

regex: GET.+?\nhost:\s*?mysite\.com\n

Since it only applies to tcp SYN packets, maybe it's performance will be acceptable.

regex: GET.+?\nhost:\s*?mysite\.com\n

When the request comes, it's too late, because it's not in the first packet.