1.Putty: For Ubuntu remotely with SSH
2. WinSCP: If you want to edit the scripts and the remote control
3. Winbox: remote Mikrotik.
When the 3-install the software, these remote follow the instructions as follows:
Mikrotik your remote control and configuration of:
IP Firewall Mangle:
0,,, a proxy-HIT
PREROUTING chain = action = mark-packet new package passthrough mark = proxy = no hit DSCP = 12
1,,, http-conn
PREROUTING chain action = mark-connection new connection = passthrough = no http_conn registered TCP = src-address = 192.168.1.0/24 interface = ether2 in
2 = action = mark-Chain PREROUTING-package brand new package http_conn = = no pass-through connection-mark = http_conn
3,,, https-conn
PREROUTING chain = action = mark-connection new-connection-mark = https passthrough = yes conn = new connection status
protocol = tcp dst-port = 443
4-PREROUTING chain = action = mark-routing new-routing-mark = https passthrough = no connection-mark = https conn
5,,, DNS
Action = PREROUTING chain outside the brand new connection connection = DNS passthrough = yes protocol = udp dst-port = 53
6 = action = PREROUTING chain brand-new connection connection = mark DNS passthrough = yes protocol = UDP dst-port = 53
7 = PREROUTING chain the new action = change DSCP DSCP = 12 = registered DNS connection
8,,, DNS packets
PREROUTING chain = action = mark-packet new package brand DNS_PACKET = passthrough = no connection-mark = DNS
9 PREROUTING chain = action = mark-packet new-packet-mark = DNS_PACKET passthrough = yes
10,,, YM-Conn
chain = forward action = mark-connection marks a new connection = ym passthrough = no protocol = tcp dst-port = 5050,5100,5051
11 chain = PREROUTING action = mark-connection new connection = ym passthrough = yes connection trademark brand = YM
12;;; Winbox
chain = input action = mark-connection new connection marks winbox passthrough = no protocol = TCP = dst-port = 8291
13,,, MMS CHANGE
String = new action = change mss MSS = 1440 tcp-flags SYN = TCP protocol interface = ether1 gateway
tcp-MSS = 1441 to 65535
FIREWALL IP address-list:
0,,, localnet
Localnet 192.168.1.0/24 -> LAN IP to change the local IP address
1,,, PROXY
192.168.11.0/24 proxy - IP Network> Proxy
Cola Type:
0 = the name of "default" type = pfifo pfifo-limit = 50
Type name = "ethernet-default" = pfifo pfifo-limit = 50
2 name = "Wireless by default" sfq sfq disturbing type = = = 5 SFQ-Devote 1514
3 name = "synchronous failure" type = red-limit = 60 red-min-threshold = 10
red-max-limit = 50 red-burst = 20 red-avg-packet = 1000
4 name = "hotspot-default" sfq-perturb type = SFQ SFQ-= 5 = 1514 Allot
5 name = "downstream-DMP" type = PCQ PCQ PCQ = 0 the speed limit = 50
PCQ PCQ-classifier = address DST-total-limit = 20000
6 name = "top-DMP" type = PCQ PCQ PCQ = 0 the speed limit = 50
PCQ-classifier = src-address PCQ total-limit = 20000
7 name = "PING" type = pfifo pfifo-limit = 64
8 Name = "game_up" type = PCQ PCQ PCQ = 0 rate-limit = 20
PCQ-classifier = dst address, dst-port PCQ-total-limit = 500
9 Name = "game_dw" type = PCQ PCQ PCQ = 0 rate-limit = 20
Tail Shaft:
0 = name of the parents' Turbo-proxy "= global-out packet-mark = proxy-hit-limit = 0
Down team PCQ queue = priority = 5 max-limit = 0 burst = 0 limit
burst-threshold = 0 burst-time = 0s
Parent name = "DNS-Up" = global-in-package label = DNS_PACKET limit-at = 0
queue = PCQ upstream priority = 5 max-limit = 0 burst = 0 limit
burst-threshold = 0 burst-time = 0s
A simple string:
0 name = "TRAFFICT shapping" DST-address = 0.0.0.0 / 0 interface = all parent = none
packet = packet-mark = intl feel both priority = 1
upstream-pcq/downsteam-pcq queue = limit = 0 / 0 max-limit = 0 / 0
Burst Limit-threshold = 0 / 0 burst = 0 / 0 burst-time = 5s/5s
-Total default file = Ethernet-time = 0s-1d, Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, Saturday
Name = "BW-management address' target = local dst Your IP-address = 0.0.0.0 / 0
interface = all parent = packet = DNS_PACKET SHAPPING TRAFFICT direction = Both
= 1 priority = queue-limit to upstream-pcq/downsteam-pcq = 0 / 0
5M/5M max-limit = burst-limit = burst threshold = 5M/5M 5M/5M
burst-time = total queue = default 5s/5s
NOTE: When you set the parameters for allocating bandwidth per client / per client IP address with the parent, BW management
Your IP FIREWALL NAT
0;;; HIT PROXY
string = action = dst dstnat-NAT for addresses = 192.168.11.11 to-ports = 3128 protocol = tcp src = address! 192.168.11.11
src-address-list = localnet DST-address-list =! ProxyNet dst-port = 80,8080,3128
Connection conn = http brand
1,,, Posted by webbox
string = action = srcnat masquerade out-interface = ether1 gateway
2,,, Out Proxy (Can you also turn off)
srcnat chain = action = src-NAT IP address = Internet / IP for example, PUBLIC 125 124 123 122
src = local IP address of your ex 192.168.1.254 (IP NO NETWORK)
4 = string dstnat action = DST-NAT two-port = 53 protocol = UDP dst-port = 53
5,,, SSH
dstnat chain = action = addresses = 192.168.11.11 DST NAT-to-ports = 22
protocol = tcp = IP internet address DST / PUBLIC IP dst-port = 22.10000
Introduction by Mikrotik is over, but the client can not surf, the next step is the distance ubuntu with putty and WinSCP:
OK, in the first part, you Suda modules update. The author discusses not come back because you've managed mengisntallasi considered. In addition, remote Ubuntu with putty, putty open, enter the IP address of the host name / IP address 192.168.11.11 (Ubuntu IP) or public, you can log in as root and enter the password, then compiles the Ubuntu kernel. Copy the following script block srcript smua, then right-click on the console of Ubuntu, it will be executed automatically.
You can take it from here -> to turn the core
you open it and copy and paste it by right-clicking on the Ubuntu and press Enter, wait a moment in the process of preparation is complete.,
The next step
# Make
# Make install Sudo
Then on the remote Ubuntu with WinSCP, the / etc / squid
You must first download the settings for squid in the download menu this blog or click the download button to learn to read and the location of files and squid.conf konfiugrasi
Edit squid.conf
First stop squid
# Sudo / etc / init.d / squid stop
copy the configuration file you downloaded from the menu downlod this blog, he puts in his library. Do not mistake the site:
drag files from squid / etc / init.d /
drag and drop files sysctl.conf in / etc /
drag and drop files squid.conf, and storeurl.pl squid.conf.pl in / etc / squid
Next:
# Sudo chmod + x / etc / init.d / squid
# Give the folder permissions of the cache
chown proxy: proxy / cache
chmod 777 / cache
chown proxy: proxy / etc / squid / storeurl.pl
chmod 777 / etc / squid / storeurl.pl
• Creating folders # swap / cache in the cache folder specified dg command:
squid-f / etc / squid / squid.conf-z
• Start the squid.
/ Etc / init.d / squid restart
then try browsing customer.
control the right way: # tail-f / var / log / squid / access.log entry
If customers see aksess Ubuntu means that the proxy is already well underway.
