We remind everyone in the office to congratulate the Sysadmin

As you already know, today is the day of the system administrator, but not everyone knows about it in my office. To fix this, I built a small comic reminder for colleagues. Since we use the equipment of the company Mikrotik, then it implemented everything.

And the idea is simple: while the forgetful colleague surfs the Internet to show him a reminder page instead of the desired site, well, after a while, still show what he wanted to see there on Friday evening.
')
For these purposes, we are raising a proxy server on the Mikrotik.

/ip proxy set enabled=yes

Next, reset the error report page:

/ip proxy reset-html

We will be asked:

Current html pages will be lost! Reset anyway? [y/N]:

and we boldly press "y"

Next, create a rule that blocks all pages passing through our proxy

/ip proxy access add action=deny disabled=no

In winbox

In Mikrotik, a webproxy / error.html page will appear. We make it beautifully. Here I will add: you can use the variable $ (url) it contains the URL address of the destination - where the user wanted to go. I made a redirect on the page:



:



Winbox 

80 , Ok - .

/ip firewall nat add disabled=no chain=dstnat protocol=tcp dst-port=80 src-address-list=!Ok action=redirect to-ports=8080 comment=sysadmin

:

/ip firewall nat move [find comment=sysadmin] destination=0

Winbox   

Ok :

/ip firewall filter add disabled=no chain=input protocol=tcp dst-port=8080 action=add-src-to-address-list address-list=Ok address-list-timeout=15m comment=sysadmin

timeout 15

Winbox  

http . 15 .

.

. :
( ). (pptp, l2tp, pppoe) dhcp , ( ), . . . . . URL - . ...

PS
.
. address-list-timeout . , , Ok

:
Manual:IP/Proxy
How to make transparent web proxy
MikroTIK +



:



Winbox 

80 , Ok - .

/ip firewall nat add disabled=no chain=dstnat protocol=tcp dst-port=80 src-address-list=!Ok action=redirect to-ports=8080 comment=sysadmin

:

/ip firewall nat move [find comment=sysadmin] destination=0

Winbox   

Ok :

/ip firewall filter add disabled=no chain=input protocol=tcp dst-port=8080 action=add-src-to-address-list address-list=Ok address-list-timeout=15m comment=sysadmin

timeout 15

Winbox  

http . 15 .

.

. :
( ). (pptp, l2tp, pppoe) dhcp , ( ), . . . . . URL - . ...

PS
.
. address-list-timeout . , , Ok

:
Manual:IP/Proxy
How to make transparent web proxy
MikroTIK +



:



Winbox 

80 , Ok - .

/ip firewall nat add disabled=no chain=dstnat protocol=tcp dst-port=80 src-address-list=!Ok action=redirect to-ports=8080 comment=sysadmin

:

/ip firewall nat move [find comment=sysadmin] destination=0

Winbox   

Ok :

/ip firewall filter add disabled=no chain=input protocol=tcp dst-port=8080 action=add-src-to-address-list address-list=Ok address-list-timeout=15m comment=sysadmin

timeout 15

Winbox  

http . 15 .

.

. :
( ). (pptp, l2tp, pppoe) dhcp , ( ), . . . . . URL - . ...

PS
.
. address-list-timeout . , , Ok

:
Manual:IP/Proxy
How to make transparent web proxy
MikroTIK +



:



Winbox 

80 , Ok - .

/ip firewall nat add disabled=no chain=dstnat protocol=tcp dst-port=80 src-address-list=!Ok action=redirect to-ports=8080 comment=sysadmin

:

/ip firewall nat move [find comment=sysadmin] destination=0

Winbox   

Ok :

/ip firewall filter add disabled=no chain=input protocol=tcp dst-port=8080 action=add-src-to-address-list address-list=Ok address-list-timeout=15m comment=sysadmin

timeout 15

Winbox  

http . 15 .

.

. :
( ). (pptp, l2tp, pppoe) dhcp , ( ), . . . . . URL - . ...

PS
.
. address-list-timeout . , , Ok

:
Manual:IP/Proxy
How to make transparent web proxy
MikroTIK +



:



Winbox 

80 , Ok - .

/ip firewall nat add disabled=no chain=dstnat protocol=tcp dst-port=80 src-address-list=!Ok action=redirect to-ports=8080 comment=sysadmin

:

/ip firewall nat move [find comment=sysadmin] destination=0

Winbox   

Ok :

/ip firewall filter add disabled=no chain=input protocol=tcp dst-port=8080 action=add-src-to-address-list address-list=Ok address-list-timeout=15m comment=sysadmin

timeout 15

Winbox  

http . 15 .

.

. :
( ). (pptp, l2tp, pppoe) dhcp , ( ), . . . . . URL - . ...

PS
.
. address-list-timeout . , , Ok

:
Manual:IP/Proxy
How to make transparent web proxy
MikroTIK +



:



Winbox 

80 , Ok - .

/ip firewall nat add disabled=no chain=dstnat protocol=tcp dst-port=80 src-address-list=!Ok action=redirect to-ports=8080 comment=sysadmin

:

/ip firewall nat move [find comment=sysadmin] destination=0

Winbox   

Ok :

/ip firewall filter add disabled=no chain=input protocol=tcp dst-port=8080 action=add-src-to-address-list address-list=Ok address-list-timeout=15m comment=sysadmin

timeout 15

Winbox  

http . 15 .

.

. :
( ). (pptp, l2tp, pppoe) dhcp , ( ), . . . . . URL - . ...

PS
.
. address-list-timeout . , , Ok

:
Manual:IP/Proxy
How to make transparent web proxy
MikroTIK +



:



Winbox 

80 , Ok - .

/ip firewall nat add disabled=no chain=dstnat protocol=tcp dst-port=80 src-address-list=!Ok action=redirect to-ports=8080 comment=sysadmin

:

/ip firewall nat move [find comment=sysadmin] destination=0

Winbox   

Ok :

/ip firewall filter add disabled=no chain=input protocol=tcp dst-port=8080 action=add-src-to-address-list address-list=Ok address-list-timeout=15m comment=sysadmin

timeout 15

Winbox  

http . 15 .

.

. :
( ). (pptp, l2tp, pppoe) dhcp , ( ), . . . . . URL - . ...

PS
.
. address-list-timeout . , , Ok

:
Manual:IP/Proxy
How to make transparent web proxy
MikroTIK +



:



Winbox 

80 , Ok - .

/ip firewall nat add disabled=no chain=dstnat protocol=tcp dst-port=80 src-address-list=!Ok action=redirect to-ports=8080 comment=sysadmin

:

/ip firewall nat move [find comment=sysadmin] destination=0

Winbox   

Ok :

/ip firewall filter add disabled=no chain=input protocol=tcp dst-port=8080 action=add-src-to-address-list address-list=Ok address-list-timeout=15m comment=sysadmin

timeout 15

Winbox  

http . 15 .

.

. :
( ). (pptp, l2tp, pppoe) dhcp , ( ), . . . . . URL - . ...

PS
.
. address-list-timeout . , , Ok

:
Manual:IP/Proxy
How to make transparent web proxy
MikroTIK +



:



Winbox 

80 , Ok - .

/ip firewall nat add disabled=no chain=dstnat protocol=tcp dst-port=80 src-address-list=!Ok action=redirect to-ports=8080 comment=sysadmin

:

/ip firewall nat move [find comment=sysadmin] destination=0

Winbox   

Ok :

/ip firewall filter add disabled=no chain=input protocol=tcp dst-port=8080 action=add-src-to-address-list address-list=Ok address-list-timeout=15m comment=sysadmin

timeout 15

Winbox  

http . 15 .

.

. :
( ). (pptp, l2tp, pppoe) dhcp , ( ), . . . . . URL - . ...

PS
.
. address-list-timeout . , , Ok

:
Manual:IP/Proxy
How to make transparent web proxy
MikroTIK +



:



Winbox 

80 , Ok - .

/ip firewall nat add disabled=no chain=dstnat protocol=tcp dst-port=80 src-address-list=!Ok action=redirect to-ports=8080 comment=sysadmin

:

/ip firewall nat move [find comment=sysadmin] destination=0

Winbox   

Ok :

/ip firewall filter add disabled=no chain=input protocol=tcp dst-port=8080 action=add-src-to-address-list address-list=Ok address-list-timeout=15m comment=sysadmin

timeout 15

Winbox  

http . 15 .

.

. :
( ). (pptp, l2tp, pppoe) dhcp , ( ), . . . . . URL - . ...

PS
.
. address-list-timeout . , , Ok

:
Manual:IP/Proxy
How to make transparent web proxy
MikroTIK +

: Winbox 80 , Ok - . /ip firewall nat add disabled=no chain=dstnat protocol=tcp dst-port=80 src-address-list=!Ok action=redirect to-ports=8080 comment=sysadmin : /ip firewall nat move [find comment=sysadmin] destination=0 Winbox Ok : /ip firewall filter add disabled=no chain=input protocol=tcp dst-port=8080 action=add-src-to-address-list address-list=Ok address-list-timeout=15m comment=sysadmin timeout 15 Winbox http . 15 . . . : ( ). (pptp, l2tp, pppoe) dhcp , ( ), . . . . . URL - . ... PS . . address-list-timeout . , , Ok : Manual:IP/Proxy How to make transparent web proxy MikroTIK +
: Winbox 80 , Ok - . /ip firewall nat add disabled=no chain=dstnat protocol=tcp dst-port=80 src-address-list=!Ok action=redirect to-ports=8080 comment=sysadmin : /ip firewall nat move [find comment=sysadmin] destination=0 Winbox Ok : /ip firewall filter add disabled=no chain=input protocol=tcp dst-port=8080 action=add-src-to-address-list address-list=Ok address-list-timeout=15m comment=sysadmin timeout 15 Winbox http . 15 . . . : ( ). (pptp, l2tp, pppoe) dhcp , ( ), . . . . . URL - . ... PS . . address-list-timeout . , , Ok : Manual:IP/Proxy How to make transparent web proxy MikroTIK +
: Winbox 80 , Ok - . /ip firewall nat add disabled=no chain=dstnat protocol=tcp dst-port=80 src-address-list=!Ok action=redirect to-ports=8080 comment=sysadmin : /ip firewall nat move [find comment=sysadmin] destination=0 Winbox Ok : /ip firewall filter add disabled=no chain=input protocol=tcp dst-port=8080 action=add-src-to-address-list address-list=Ok address-list-timeout=15m comment=sysadmin timeout 15 Winbox http . 15 . . . : ( ). (pptp, l2tp, pppoe) dhcp , ( ), . . . . . URL - . ... PS . . address-list-timeout . , , Ok : Manual:IP/Proxy How to make transparent web proxy MikroTIK +
: Winbox 80 , Ok - . /ip firewall nat add disabled=no chain=dstnat protocol=tcp dst-port=80 src-address-list=!Ok action=redirect to-ports=8080 comment=sysadmin : /ip firewall nat move [find comment=sysadmin] destination=0 Winbox Ok : /ip firewall filter add disabled=no chain=input protocol=tcp dst-port=8080 action=add-src-to-address-list address-list=Ok address-list-timeout=15m comment=sysadmin timeout 15 Winbox http . 15 . . . : ( ). (pptp, l2tp, pppoe) dhcp , ( ), . . . . . URL - . ... PS . . address-list-timeout . , , Ok : Manual:IP/Proxy How to make transparent web proxy MikroTIK +
: Winbox 80 , Ok - . /ip firewall nat add disabled=no chain=dstnat protocol=tcp dst-port=80 src-address-list=!Ok action=redirect to-ports=8080 comment=sysadmin : /ip firewall nat move [find comment=sysadmin] destination=0 Winbox Ok : /ip firewall filter add disabled=no chain=input protocol=tcp dst-port=8080 action=add-src-to-address-list address-list=Ok address-list-timeout=15m comment=sysadmin timeout 15 Winbox http . 15 . . . : ( ). (pptp, l2tp, pppoe) dhcp , ( ), . . . . . URL - . ... PS . . address-list-timeout . , , Ok : Manual:IP/Proxy How to make transparent web proxy MikroTIK +



:



Winbox 

80 , Ok - .

/ip firewall nat add disabled=no chain=dstnat protocol=tcp dst-port=80 src-address-list=!Ok action=redirect to-ports=8080 comment=sysadmin

:

/ip firewall nat move [find comment=sysadmin] destination=0

Winbox   

Ok :

/ip firewall filter add disabled=no chain=input protocol=tcp dst-port=8080 action=add-src-to-address-list address-list=Ok address-list-timeout=15m comment=sysadmin

timeout 15

Winbox  

http . 15 .

.

. :
( ). (pptp, l2tp, pppoe) dhcp , ( ), . . . . . URL - . ...

PS
.
. address-list-timeout . , , Ok

:
Manual:IP/Proxy
How to make transparent web proxy
MikroTIK +

Source: https://habr.com/ru/post/231103/

All Articles

We remind everyone in the office to congratulate the Sysadmin

More articles: