Selasa, 19 Februari 2013

Contoh Setting Debian


nano /etc/network/interfaces
# The LAN Interface
auto eth0
iface eth0 inet static
address 192.168.0.251
netmask 255.255.255.0
gateway 192.168.0.254
# The WAN Interface
auto eth1
iface eth1 inet static
address 192.168.1.1
netmask 255.255.255.0
Restart kartu jaringan  /etc/init.d/networking restart
 setelah setting IP Address masuk ke bind9 dengan cara di bawah ini
 debian-server:/home/pudja# apt-get install bind9
 
debian-server:/home/pudja# nano /etc/bind/named.conf
#. . .
zone " smkn1bunut.sch.id " {  //Zone Domain anda
type master;
file "db.debian";     //lokasi file FORWARD, default di /var/cache/bind/
};
zone "192.in-addr.arpa" {  //1 blok ip paling depan
type master;
file "db.192";     //lokasi file REVERSE, default di /var/cache/bind/
};
include "/etc/bind/named.conf.local"; //membuat file named.conf.local di process
 
debian-server:/home/pudja# cd /etc/bind/
debian-server:/etc/bind# cp db.local /var/cache/bind/db.debian
debian-server:/etc/bind# nano /var/cache/bind/db.debian
 
$TTL   604800
@   IN   SOA   smkn1bunut.sch.id. root.smkn1bunut.sch.id. (
  2   ; Serial
  604800     ; Refresh
  86400   ; Retry
  2419200   ; Expire
  604800 )    ; Negative Cache TTL
@   IN   NS   smkn1bunut.sch.id.
@   IN   A   192.168.1.1
@   IN   A A A A   ::192.168.1.1
 
debian-server:/etc/bind# cp db.127 /var/cache/bind/db.192
debian-server:/etc/bind# nano /var/cache/bind/db.192
  $TTL   604800
  @   IN   SOA   smkn1bunut.sch.id. root. smkn1bunut.sch.id. (
  1   ; Serial
  604800     ; Refresh
  86400   ; Retry
  2419200   ; Expire
  604800 )   ; Negative Cache TTL
  ;
  @   IN   NS   smkn1bunut.sch.id.  
  1.1.168   IN   PTR   smkn1bunut.sch.id. 
 
debian-server:/etc/bind# nano /etc/resolv.conf
nameserver 192.168.1.1
nameserver 8.8.8.8
 
debian-server:~# nano /etc/sysctl.conf
cari tulisan seperti dibawah ini dan hapus tanda pagar “#” sebelumnya
# net.ipv4.ip_forward=1  
Sehingga menjadi
net.ipv4.ip_forward=1
 
debian-server:~# apt-get install squid
debian-server:~# nano /etc/squid/squid.conf
 
tekan CTRL + W. Setelah itu, cari dan edit bagian berikut;
http_port 3128 transparent   #tambahkan “transparent”
cache_mem 256 MB   #kurang-lebih ¼ dari memory
cache_mgr nama peserta@smkn1bunut.sch.id
visible_hostname proxy.smkn1bunut.sch.id
Kemudian cari tulisan acl CONNECT, dan tambahkan tulisan dibawah ini tepat di bawahnya.
acl url dstdomain “/etc/squid/url  #domain yang di blok
acl key url_regexi “/etc/squid/key”  #kata yang di blok
http_access deny url
http_access deny key
acl lan src 192.168.50.0/24   #ip lokal
http_access allow lan
http_access allow all
 
debian-server:~# cd /etc/squid/
debian-server:/etc/squid# nano url
facebook.com
youtube.com
debian-server:/etc/squid# nano key
porn
sex
 
debian-server:/etc/squid# squid –z
 
debian-server:~#nano /etc/rc.local
tambahkan scrip ini dibawah tulisan # By default this script does nothing.
iptables –t nat –A POSTROUTING –s 192.168.50.0/24 -j MASQUERADE
iptables-save > /etc/iptables
echo “up command iptables-restore < /etc/iptables” >> /etc/network/interfaces
iptables –t nat –A PREROUTING –s 192.168.50.0/24 –p tcp --dport 80 –j REDIRECT --to-port 3128
iptables-save > /etc/iptables

0 comments:

Posting Komentar