Tabela Filter entramos com essas regras:

/ip firewall filter

add action=accept chain=forward comment="RECEBE CONEXOES" disabled=no src-addres
s=192.168.10.0/30

Nat:
/ip firewall nat
add action=dst-nat chain=dstnat comment=PROXY-CACHE-LUSCA-REDIRECT disabled=no d
st-port=80 protocol=tcp src-address=\
10.2.2.0/25 to-addresses=192.168.10.2 to-ports=3129
/ip firewall nat
add action=dst-nat chain=dstnat comment="Redirect BFW Cache" disabled=no dst-por
t=53 protocol=tcp src-address=192.168.10.0/24 \
to-addresses=192.168.10.2 to-ports=53

Mangle:
/ip firewall mangle
add action=mark-connection chain=postrouting comment="TOS 12====================
===========================================\
======================================================" disabled=no dscp=12
new-connection-mark=proxy-hits \
passthrough=yes protocol=tcp src-address=192.168.10.2
add action=mark-packet chain=postrouting connection-mark=proxy-hits disabled=no
new-packet-mark=proxy-squid passthrough=\
yes
add action=mark-connection chain=postrouting comment="PROXY-CACHE-LUSCA-bfw-cust
omize====================================================\
==================================================" content="X-Cache: HIT fr
om BFW Cache" disabled=no \
new-connection-mark=bfw-connection passthrough=yes protocol=tcp src-address=
192.168.10.2
add action=mark-packet chain=postrouting connection-mark=bfwcache-connection dis
abled=no new-packet-mark=bfwcache-packs \
passthrough=yes
add action=mark-connection chain=postrouting comment=\
"SERVER CACHE =============================================================
=========================================" \
 content="X-Cache: HIT from BFW Cache" disabled=no new-connection-mark=bfw-co
nnection passthrough=yes protocol=tcp \
src-address=192.168.10.2

CRIAR AS CONFIGURAES DE CONTROLE DE BANDA (QUEUES)

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-lim
it=20M name="T -cache_hits" packet-mark=\
proxy-squid parent=global-out priority=4 queue=default