سلام
من پرینت کانفیگ فایروال رو میزارم براتون میشه بگید چجوری میتونم رنج 192.168.10.0/24 وقتی کش سرور رو ether10 روشنه مثل الان، بشه از پورت 80 استفاده کرد؟ چون وقتی کش سرور رو روشن میکنم این رنج آی پی با هیچ پورتی مشکل نداره الا 80!
NAT
/ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic
chain=srcnat action=src-nat to-addresses=37.191.77.9
src-address=192.168.111.1 log=no log-prefix=""
chain=srcnat action=src-nat to-addresses=37.191.77.9
src-address=192.168.10.0/24 out-interface=!ether10-BWSprinter log=no
log-prefix=""
chain=srcnat action=src-nat to-addresses=37.191.77.9
src-address=15.15.15.0/24 out-interface=!ether10-BWSprinter log=no
log-prefix=""
;;; Redirect To Sib
chain=dstnat action=dst-nat to-addresses=37.191.77.24 to-ports=82
protocol=tcp src-address-list=FinishedCreditIP dst-address-list=!SibSite
dst-port=80 log=no log-prefix=""
;;; ADSL NAT BANKIP
chain=srcnat action=src-nat to-addresses=37.191.77.9 protocol=tcp
src-address-list=FinishedCreditIP dst-address-list=BANKIP dst-port=443
log=no log-prefix=""
;;; ADSL NAT DNS
chain=srcnat action=src-nat to-addresses=37.191.77.9 protocol=udp
src-address-list=FinishedCreditIP dst-address-list=DNSIP
out-interface=!ether10-BWSprinter dst-port=53 log=no log-prefix=""
;;; ADSL NAT SIB
chain=srcnat action=src-nat to-addresses=37.191.77.9
src-address-list=FinishedCreditIP dst-address-list=SibSite log=no
log-prefix=""
chain=dstnat action=dst-nat to-addresses=192.168.111.1 to-ports=2020
protocol=tcp dst-address=37.191.77.9 dst-port=2020 log=no log-prefix=""
chain=dstnat action=dst-nat to-addresses=192.168.111.1 to-ports=22
protocol=tcp dst-address=37.191.77.9 dst-port=2222 log=no log-prefix=""
Mangle
/ip firewall mangle> print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=prerouting action=mark-routing new-routing-mark=BWSprinter
passthrough=yes protocol=tcp src-address-list=!FinishedCreditIP
dst-address-list=!bypass in-interface=!ether10-BWSprinter dst-port=80
log=no log-prefix=""
1 chain=prerouting action=mark-routing new-routing-mark=BWSprinter
passthrough=yes protocol=tcp src-address-list=!bypass
dst-address-list=!FinishedCreditIP in-interface=!ether10-BWSprinter
src-port=80 log=no log-prefix=""
2 chain=prerouting action=mark-packet new-packet-mark=BWSprinter_HIT
passthrough=yes protocol=tcp in-interface=ether10-BWSprinter dscp=12
log=no log-prefix=""
3 chain=prerouting action=mark-packet new-packet-mark=BWSprinter_WWWHIT
passthrough=yes protocol=tcp in-interface=ether10-BWSprinter dscp=4
log=no log-prefix=""
:Address Lists
/ip firewall address-list> print
Flags: X - disabled, D - dynamic
# LIST ADDRESS TIMEOUT
SibSite 37.191.77.24
BANKIP 176.56.158.159
BANKIP 91.240.181.20
FinishedCreditIP 172.15.15.0/24
bypass 37.191.77.24
DNSIP 188.136.136.188
DNSIP 217.218.127.127
7 D FinishedCreditIP 172.15.15.2
8 D FinishedCreditIP 172.15.15.3
9 D FinishedCreditIP 172.15.15.4
10 D FinishedCreditIP 172.15.15.5
11 D FinishedCreditIP 172.15.15.7
12 D FinishedCreditIP 172.15.15.8
13 D FinishedCreditIP 172.15.15.9
14 D FinishedCreditIP 172.15.15.1
15 D FinishedCreditIP 172.15.15.6
16 D FinishedCreditIP 172.15.15.10
17 D FinishedCreditIP 172.15.15.11
موضوعات مشابه: