Setting Mikrotik Dan Proxy External IpCop

Kebutuhan akan akses jaringan yang cepat sangat penting, tapi bagaimana dengan bandwidth yang pas-pasan terutama di daerah, paling tinggi untuk acces speedy cuma paket 1Mb, untuk 5-10 PC warnet game online dan browsing sudah ngosh-ngoshan, apalagi client yang doyan download dan nonton you tube?
Ada yang mengatasi dengan memasang 2 line speedy 1Mb, agar bandwidth speedy bisa mencapai 2Mb, apa itu bisa? . Loadbalance solusinya..   Entahlah

Akhirnya Warnet Pakai Speedy mencoba menggabungkan Mikrotik RB750 dengan Proxy External IpCop dan walaupun belum menemukan settingan yang memuaskan tapi cukup membatu terutama untuk Update game online seperti PB dan LS dan game online lainnya, ada perubahan saat mengakses halaman Web yang sudah pernah di buka, cukup cepat..

Berikut ini Screen Shootnya..

Proxy Hit

Squid Log

Untuk sementara Warnet Pakai Speedy merasa tenang, karena klient yang berteriak leg, sudah berkurang walaupun ada yang teriak tapi maklum setelah Warnet Pakai SPeedy perhatikan disebabkan oleh ping dari google atau DNS speedy yang telah pada waktu dan hari-hari tertentu, contohnya hari ini , Jum,at
Perhatikan Screenshoot dari ping ke Google

Ping Google.com

Jika ada yang ingin mencoba mencoba silahkan..
Untuk tutorialnya ada di blog warnet pakai speedy ini..

Tambahan :
Untuk settingg squid.conf  IpCop Warnet pakai SPeedy menggunakan seperti dibawah ini :

# Do not modify '/var/ipcop/proxy/squid.conf' directly since any changes
# you make will be overwritten whenever you resave proxy settings using the
# web interface!
#
# Instead, modify the file '/var/ipcop/proxy/advanced/acls/include.acl' and
# then restart the proxy service using the web interface. Changes made to the
# 'include.acl' file will propagate to the 'squid.conf' file at that time.

shutdown_lifetime 5 seconds
icp_port 0

http_port 192.168.5.2:3128 transparent
#tcp_outgoing_tos 0x30 localnet
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136
#End of custom includes

cache_effective_user squid
cache_effective_group squid
umask 022

pid_filename /var/run/squid.pid

cache_mem 8 MB
cache_dir aufs /var/log/cache 1000 16 256

error_directory /usr/lib/squid/advproxy/errors.ipcop/English

memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA

access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none

log_mime_hdrs off
forwarded_for off
via off

acl within_timeframe time MTWHFAS 00:00-24:00

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 563 # snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 3128 # Squids port (for icons)

acl IPCop_http  port 81
acl IPCop_https port 445
acl IPCop_ips              dst 192.168.5.2
acl IPCop_networks         src "/var/ipcop/proxy/advanced/acls/src_subnets.acl"
acl IPCop_servers          dst "/var/ipcop/proxy/advanced/acls/src_subnets.acl"
acl IPCop_green_network    src 192.168.5.0/255.255.255.0
acl IPCop_green_servers    dst 192.168.5.0/255.255.255.0
acl CONNECT method CONNECT
#Start of custom includes

cache_swap_low 98
cache_swap_high 99
maximum_object_size_in_memory 64 KB
ipcache_size 8192
cache_vary on
ipcache_low 98
ipcache_high 99

# Add File Extension you want to cache
refresh_pattern -i \.(jp?g|gif|pnp|png|\?bm?)$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.jar$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.dll$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.klz$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.dif$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.avi$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.iso$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.3gp$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.mpeg$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.xml$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.exe$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.zip$ 0 90% 40320 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.rar$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.mp3$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.dll$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.rar$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.npz$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.cfg$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.ver$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.erl$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.npz$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.xt$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.xtp$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.cfg$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.des$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.new$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.t2bk$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.smd$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.gi$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.dat$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.luc$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.flv$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.html$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.htm$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.php$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.jsp$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.swf$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.bin$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.pdf$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i \.mp4$ 0 90% 43200 ignore-reload override-expire reload-into-ims
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 ignore-reload override-expire reload-into-ims

refresh_pattern /.gif 4320 50% 43200
refresh_pattern /.jpg 4320 50% 43200
refresh_pattern /.jpeg 4320 50% 43200
refresh_pattern /.png 4320 50% 43200
refresh_pattern ^http://www.friendster.com/.* 720 100% 10080
refresh_pattern ^http://mail.yahoo.com/.* 720 100% 10080
refresh_pattern ^http://*.yahoo.*/.* 720 100% 7200
refresh_pattern ^http://*.google.com/.* 720 100% 10080
refresh_pattern ^http://www.telkomspeedy.com/.* 720 100% 28800
refresh_pattern ^http://*.blogsome.com/.* 720 80% 10080
refresh_pattern ^http://*.gemscool.com/.* 720 80% 10080

refresh_pattern ^http://*.wordpress.com/.* 720 80% 10080

refresh_pattern ^http://*.detik.com/.* 720 90% 2880

refresh_pattern ^http://*.facebook.com/.* 720 90% 2880
refresh_pattern ^http://*.akamaihd.*/.* 720 90% 2880

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
##--------------
quick_abort_min 0
quick_abort_max 0
quick_abort_pct 98
store_avg_object_size 32 KB
log_fqdn off
log_icp_queries off
memory_pools off
log_ip_on_direct off
log_mime_hdrs off
buffered_logs off
icp_hit_stale on
query_icmp on
reload_into_ims on
pipeline_prefetch on
vary_ignore_expire on

#acl download url_regex -i ftp .mp3 .vqf .flv .tar.gz .exe .mpeg .mp2 .mp4 .torent .gz .rpm .zip .rar .avi .3gp .mov .mpe .mpg .qt .ram .rm .iso .raw .wav .pdf .wmv .wma .ogg .doc
#acl download url_regex -i \.exe$ \.mp3$ \.vqf$ \.gz$ \.rpm$ \.zip$ \.rar$ \.pdf$ \.doc$ \.avi$ \.mpe$ \.mpg$ \.qt$ \.ram$ \.rm$ \.iso$ \.dat$ \.raw$ \.wav$ \.mp4$ \.mpeg$ \.3gp$ \.flv$
#delay_pools 1
#delay_class 1 1
#delay_parameters 1 24000/24000
#delay_access 1 deny IPCop_ips
#delay_access 1 allow download
#delay_initial_bucket_level 100

#Access to squid:
#local machine, no restriction
http_access allow         localhost

#GUI admin if local machine connects
http_access allow         IPCop_ips IPCop_networks IPCop_http
http_access allow CONNECT IPCop_ips IPCop_networks IPCop_https

#Deny not web services
http_access deny          !Safe_ports
http_access deny  CONNECT !SSL_ports

#Prevent internal proxy access to Green
http_access deny IPCop_green_servers !IPCop_green_network

#Set custom configured ACLs
http_access allow IPCop_networks within_timeframe
http_access deny  all

#Strip HTTP Header
header_access X-Forwarded-For deny all
header_access Via deny all

maximum_object_size 10096 KB
minimum_object_size 0 KB

request_body_max_size 0 KB
reply_body_max_size 0 allow all

visible_hostname garashinet.localdomain

Agar Hit dapat di Access oleh mikrotik warnet pakai speedy menambahkan ini pada etc/rc.d/rc.local

route add default gateway 192.168.5.1
iptables -A PREROUTING -t nat -j REDIRECT -p tcp -s 192.168.0.0/24 -d 0/0 --dport 80 --to-ports 3128
iptables -A INPUT -p tcp -s 0.0.0.0/0 -d 192.168.5.2 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s 192.168.5.2 --sport 3128 -d 0.0.0.0/0 -m state --state ESTABLISHED -j ACCEPT

Demikianlah Setting Mikrotik dan Proxy External IpCop
Semoga bisa membantu..