hi
can i bind an extension file type to a proxy server?
example : exe file just taken from 10.10.10.1 port 3128
thanks in advance
IP Binding
Yes, u can do that. just go ip - proxy/web proxy(the place u were set) - access, just allow from source you define and allow from your source ip.and the second rule just add net except rule 1 to deny. 
Here you will find more information,
http://www.mikrotik.com/testdocs/ros/2. ... php#7.53.3
http://www.mikrotik.com/testdocs/ros/2. ... php#7.53.3
hi again
this is all my configuration , but failed to bind (exe) to wan2 (10.10.10.252).
all the download has been taken from the default gateway wan1 (172.20.20.1)
the 2 wans are from different isps. every thing is working fine even the proxy of the wan2 is working in the browser but can't bind the download to it only
10x 4 any help.
[admin@MikroTik] > /ip address
[admin@MikroTik] ip address> print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 20.20.20.1/24 20.20.20.0 20.20.20.255 local
1 10.10.10.252/24 10.10.10.0 10.10.10.255 public2
2 172.20.20.248/24 172.20.20.0 172.20.20.255 public1
[admin@MikroTik] ip route> print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf
# DST-ADDRESS PREF-SRC G GATEWAY DISTANCE INTERFACE
0 ADC 10.10.10.0/24 10.10.10.252 public2
1 ADC 20.20.20.0/24 20.20.20.1 local
2 ADC 172.20.20.0/24 172.20.20.248 public1
3 A S 0.0.0.0/0 r 10.10.10.1 public2
4 A S 0.0.0.0/0 r 172.20.20.1 public1
5 A S 0.0.0.0/0 r 172.20.20.1 public1
[admin@MikroTik] > /ip firewall nat
[admin@MikroTik] ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=dstnat protocol=tcp dst-port=53 action=dst-nat to-addresses=172.20.20.1 to-ports=53
1 chain=dstnat protocol=udp dst-port=53 action=dst-nat to-addresses=172.20.20.1 to-ports=53
2 chain=dstnat protocol=tcp dst-port=53 action=dst-nat to-addresses=10.10.10.1 to-ports=53
3 chain=dstnat protocol=udp dst-port=53 action=dst-nat to-addresses=10.10.10.1 to-ports=53
4 chain=srcnat out-interface=public1 action=masquerade
5 chain=srcnat out-interface=public2 action=masquerade
6 chain=dstnat in-interface=local protocol=tcp dst-port=80 action=redirect to-ports=3128
[admin@MikroTik] ip> webproxy
no such command or directory (webproxy)
[admin@MikroTik] ip> web-proxy
[admin@MikroTik] ip web-proxy> print
enabled: yes
src-address: 0.0.0.0
port: 3128
hostname: "proxy"
transparent-proxy: yes
parent-proxy: 0.0.0.0:0
cache-administrator: "webmaster"
max-object-size: 4096KiB
cache-drive: system
max-cache-size: unlimited
max-ram-cache-size: unlimited
status: running
reserved-for-cache: 13378560KiB
reserved-for-ram-cache: 2048KiB
[admin@MikroTik] ip web-proxy access> print
Flags: X - disabled, I - invalid
0 ;;; block telnet & spam e-mail relaying
dst-port=23-25 action=deny
1 url="ftp://*" action=deny
2 url=":\\.mp[3g]$" action=deny
3 src-address=10.10.10.252/32 action=allow
4 url=".exe" action=deny
[admin@MikroTik] ip> proxy
[admin@MikroTik] ip proxy> print
enabled: yes
port: 8080
parent-proxy: 0.0.0.0:1
maximal-client-connecions: 1000
maximal-server-connectons: 1000
this is all my configuration , but failed to bind (exe) to wan2 (10.10.10.252).
all the download has been taken from the default gateway wan1 (172.20.20.1)
the 2 wans are from different isps. every thing is working fine even the proxy of the wan2 is working in the browser but can't bind the download to it only
10x 4 any help.
[admin@MikroTik] > /ip address
[admin@MikroTik] ip address> print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 20.20.20.1/24 20.20.20.0 20.20.20.255 local
1 10.10.10.252/24 10.10.10.0 10.10.10.255 public2
2 172.20.20.248/24 172.20.20.0 172.20.20.255 public1
[admin@MikroTik] ip route> print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf
# DST-ADDRESS PREF-SRC G GATEWAY DISTANCE INTERFACE
0 ADC 10.10.10.0/24 10.10.10.252 public2
1 ADC 20.20.20.0/24 20.20.20.1 local
2 ADC 172.20.20.0/24 172.20.20.248 public1
3 A S 0.0.0.0/0 r 10.10.10.1 public2
4 A S 0.0.0.0/0 r 172.20.20.1 public1
5 A S 0.0.0.0/0 r 172.20.20.1 public1
[admin@MikroTik] > /ip firewall nat
[admin@MikroTik] ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=dstnat protocol=tcp dst-port=53 action=dst-nat to-addresses=172.20.20.1 to-ports=53
1 chain=dstnat protocol=udp dst-port=53 action=dst-nat to-addresses=172.20.20.1 to-ports=53
2 chain=dstnat protocol=tcp dst-port=53 action=dst-nat to-addresses=10.10.10.1 to-ports=53
3 chain=dstnat protocol=udp dst-port=53 action=dst-nat to-addresses=10.10.10.1 to-ports=53
4 chain=srcnat out-interface=public1 action=masquerade
5 chain=srcnat out-interface=public2 action=masquerade
6 chain=dstnat in-interface=local protocol=tcp dst-port=80 action=redirect to-ports=3128
[admin@MikroTik] ip> webproxy
no such command or directory (webproxy)
[admin@MikroTik] ip> web-proxy
[admin@MikroTik] ip web-proxy> print
enabled: yes
src-address: 0.0.0.0
port: 3128
hostname: "proxy"
transparent-proxy: yes
parent-proxy: 0.0.0.0:0
cache-administrator: "webmaster"
max-object-size: 4096KiB
cache-drive: system
max-cache-size: unlimited
max-ram-cache-size: unlimited
status: running
reserved-for-cache: 13378560KiB
reserved-for-ram-cache: 2048KiB
[admin@MikroTik] ip web-proxy access> print
Flags: X - disabled, I - invalid
0 ;;; block telnet & spam e-mail relaying
dst-port=23-25 action=deny
1 url="ftp://*" action=deny
2 url=":\\.mp[3g]$" action=deny
3 src-address=10.10.10.252/32 action=allow
4 url=".exe" action=deny
[admin@MikroTik] ip> proxy
[admin@MikroTik] ip proxy> print
enabled: yes
port: 8080
parent-proxy: 0.0.0.0:1
maximal-client-connecions: 1000
maximal-server-connectons: 1000