Saturday, June 18, 2016

MikroTik | Web Proxy Log Configuration

RouterOS is capable of logging various system events and status information. Logs can be saved in routers memory (RAM), disk, file, sent by email or even sent to remote syslog server.

UP Link IP Address: 10.10.10.2/30
Local IP Address: 192.168.0.1/24
Log Configuration: Web Proxy Log
Platform: Mikrotik Router

Step 1: Connect your Mikrotik router with your pc with a utp cable. Collect winbox software (or download it from www.mikrotik.com), click on refresh tab for MAC scan, select the mac which has shown, login with admin user, no password.



Step 2: Add wan side IP address, subnet mask and select port.



Step 3: Then add LAN Side IP address, subnet mask and select port.



Step 4: Add routes.
 

Step 5: Add DNS address.



Step 6: Add NAT rules.


Step 7: Add NAT rules.



Step 8: Add NAT rules.



Step 9: Enable web proxy.


Step 10: Create log rules.



Step 11: Create log rules.



Step 12: Redirect log rules.



Step 13: Redirect log rules.



Step 14: Download "Web Proxy Log" application software from http://webproxy-log.software.informer.com/1.5/ and installed the application software. And also following screenshot.

Note: 192.168.0.3 is remote log storage host
 

Step 15: Import logs from write to log folder.


 
Step 16: IP wise user add from import log file.

Step 17: For check log report to select created user and select date. And then need to be click Generate.



Explanation: First we give a code snippet and then explain what it actually does.

/ip address
add address=192.168.0.1/24 comment=Local interface=ether3 network=192.168.0.0
add address=10.10.10.2/30 comment=UP_Link interface=ether1 network=10.10.10.0

/ip route
add check-gateway=ping distance=1 gateway=10.10.10.1

/ip dns
set servers=8.8.8.8, 4.2.2.2

/ip firewall nat
add action=masquerade chain=srcnat src-address=192.168.0.0/24

System log:

/system logging action
add bsd-syslog=yes name=syslog remote=192.168.0.3 target=remote
/system logging
add action=syslog topics=web-proxy,!debug
 
Web Proxy Redirect Rule:

/ip firewall nat

add action=redirect chain=dstnat dst-port=80 protocol=tcp src-address=\
192.168.0.0/24 to-ports=8080


END