Kamis, 05 September 2013

Konfigurasi Router

2.Router
IP eth0 : 202.150.100.10/28
IP eth1  : 195.0.0.1/28
router:~# nano  /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
address 202.150.100.10
                netmask 255.255.255.240
                network 202.150.100.0
                broadcast 202.150.100.15
                gateway 202.150.100.1
                dns-nameserver 202.150.100.1

auto eth1
iface eth1 inet static
                address 195.0.0.1
                netmask 255.255.255.240
                network 195.0.0.0
                broadcast 195.0.0.15
                gateway 202.150.100.10
                dns-nameserver 202.150.100.1
(lalu simpan)
Ctrl+x, lalu y, tekan enter
Sambungkan pc router dengan pc server dengan kabel
router:~# /etc/init.d/networking restart
router:~# ping 202.150.100.10
router:~# ping 195.0.0.1
router:~# ping 202.150.100.1

router:~# nano  /etc/resolv.conf
nameserver  202.150.100.1
(lalu simpan)
Ctrl+x, lalu y, tekan enter
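router:~# iptables  -A  FORWARD  -i  eth0  -o  eth1  -s  195.0.0.0  -m  conntrack  --ctstate  NEW  -j  ACCEPT
router:~# iptables  -A  POSTROUTING  -t  nat  -j  MASQUERADE
(catatan: -s 195.0.0.0 tanpa prefiks hanya cocok dengan satu alamat; untuk seluruh jaringan klien tulis 195.0.0.0/28. Jaringan itu ada di eth1, jadi trafik klien tampaknya masuk lewat eth1 dan keluar lewat eth0, kebalikan dari -i/-o di atas. MASQUERADE tanpa -o berlaku di semua antarmuka; sebaiknya dibatasi ke antarmuka keluar dengan -o eth0.)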
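router:~# echo  "1" > /proc/sys/net/ipv4/ip_forward
(catatan: nilai ini hilang saat reboot; agar permanen, setel net.ipv4.ip_forward=1 di /etc/sysctl.conf)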
router:~# nano  /etc/rc.local

pindahkan kursor ke paling bawah

#exit 0                                                  (hapus dan edit seperti dibawah ini)

iptables  -F
iptables  -P  INPUT ACCEPT
iptables  -A  INPUT  -p  tcp  -m  multiport  --ports  6667:6669  -j  DROP
iptables  -A  INPUT  -p  tcp  -m  multiport  --ports  23  -j  DROP
iptables  -A  INPUT  -p  tcp  -m  multiport  --ports  194  -j  DROP
iptables  -A  INPUT  -p  tcp  -m  multiport  --ports  994  -j  DROP
iptables  -A  INPUT  -p  tcp  -m  multiport  --ports  5050  -j  DROP

exit 0

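(catatan: aturan INPUT hanya menyaring paket yang ditujukan ke router itu sendiri; trafik klien yang diteruskan melewati rantai FORWARD, dan iptables -F di atas juga menghapus aturan FORWARD yang dibuat sebelumnya. Dengan kebijakan INPUT ACCEPT, semua port lain di router tetap terbuka.)
(lalu simpan)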
Ctrl+x, lalu y, tekan enter
router:~#   /etc/init.d/rc.local  start   (start bukan restart)
router:~#   iptables  -nL
router:~#   apt-cdrom add
router:~#   apt-get install bind9 squid
router:~#   nano  /etc/squid/squid.conf









Ctrl+w  (ketik tulisan dibawah ini)
acl connect method connect 
                                                                                                                                                   
Jika sudah ketemu tambahkan dibawahnya dan akan menjadi seperti berikut
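acl connect method connect 
acl badurl dstdomain "/etc/squid/social.network"
acl lan src 202.150.100.0/28
http_access deny badurl
http_access allow lan
(catatan: klien DHCP pada panduan ini berada di 195.0.0.0/28; periksa apakah acl lan memang dimaksudkan untuk 202.150.100.0/28, karena hanya alamat sumber dalam acl ini yang diizinkan memakai proxy)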

Ctrl+w (ketik tulisan dibawah ini)
http_port 3128 

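Tambahkan transparent  di belakang  http_port 3128 (akan menjadi seperti dibawah)
http_port 3128  transparent
(catatan: mode transparent baru berfungsi jika trafik HTTP klien dialihkan ke port 3128 oleh aturan NAT, misalnya iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-ports 3128; aturan seperti itu tidak terlihat pada langkah-langkah di atas)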

(lalu simpan)
Ctrl+x, lalu y, tekan enter
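router:~# nano  /etc/squid/squid.network
masukkan daftar url yang ingin diblokir (nama file ini harus sama dengan yang dirujuk acl badurl di squid.conf, yaitu /etc/squid/social.network; jika berbeda, daftar blokir tidak akan terbaca)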
twitter.com
facebook.com
(lalu simpan)
Ctrl+x, lalu y, tekan enter
router:~# /etc/init.d/squid restart
router:~# nano  /etc/network/interfaces
tambah seperti yang didalam kotak

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
address 202.150.100.10
                netmask 255.255.255.240
                network 202.150.100.0
                broadcast 202.150.100.15
                gateway 202.150.100.1
                dns-nameserver 202.150.100.1

auto eth1
iface eth1 inet static
                address 195.0.0.1
                netmask 255.255.255.240
                network 195.0.0.0
                broadcast 195.0.0.15
                gateway 202.150.100.10
                dns-nameserver 202.150.100.1
auto eth0:1
iface eth0:1 inet static
                address 195.0.0.2
                netmask 255.255.255.240
auto eth0:2
iface eth0:2 inet static
                address 195.0.0.3
                netmask 255.255.255.240
(lalu simpan)
Ctrl+x, lalu y, tekan enter
router:~#  nano  /etc/hosts                                                         (isi seperti berikut)

195.0.0.1              server.tarunabhakti.sch.id           server
195.0.0.2              twitter.com                                        twitter
195.0.0.3              facebook.com                                   facebook
(lalu simpan)
Ctrl+x, lalu y, tekan enter
router:~#  nano  /etc/resolv.conf                                             (isi seperti berikut)
search  tarunabhakti.com
nameserver 195.0.0.1
search twitter.com
nameserver 195.0.0.2
search facebook.com
nameserver 195.0.0.3
(lalu simpan)
Ctrl+x, lalu y, tekan enter
router:~#  nano  /etc/bind/named.conf
pindahkan kursor ke paling bawah lalu tambahkan seperti berikut
zone  "twitter.com" {
type master;
file  "/etc/bind/db.twitter";
};
zone  "facebook.com" {
type master;
file  "/etc/bind/db.facebook";
};
include  "/etc/bind/named.conf.local";
(lalu simpan)
Ctrl+x, lalu y, tekan enter
router:~#  cp  /etc/bind/db.local  /etc/bind/db.twitter
router:~#  cp  /etc/bind/db.local  /etc/bind/db.facebook
router:~#   nano  /etc/bind/db.twitter
Ctrl+w lalu Ctrl+r, ketik localhost enter, ketik twitter.com enter lalu tekan A
@            IN           NS          twitter.com.
twitter.com        IN           A                             195.0.0.2
www                     IN           CNAME                                twitter.com.
@                            IN           AAAA                      ::1
(lalu simpan)
Ctrl+x, lalu y, tekan enter
router:~#   nano  /etc/bind/db.facebook
Ctrl+w lalu Ctrl+r, ketik localhost enter, ketik facebook.com enter lalu tekan A
@            IN           NS          facebook.com.
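twitter.com        IN           A                             195.0.0.2
(catatan: baris ini tampaknya tersalin dari db.twitter; untuk zona facebook.com, sesuai /etc/hosts di atas, seharusnya facebook.com IN A 195.0.0.3)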
www                     IN           CNAME                                facebook.com.
@                            IN           AAAA                      ::1
(lalu simpan)
Ctrl+x, lalu y, tekan enter
router:~#   iptables-save  >/var/cache/iptables
router:~#    nano  /etc/network/interfaces                          (paling bawah tambahkan tulisan)
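up command  iptables-restore  < /var/cache/iptables
(catatan: pakai < agar aturan dibaca dari file simpanan; dengan > file tersebut justru ditimpa dan aturan firewall tidak dipulihkan saat boot)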
(lalu simpan)
Ctrl+x, lalu y, tekan enter
router:~#    /etc/init.d/bind9  restart
router:~#    /etc/init.d/squid  restart
router:~#    nslookup  twitter.com
router:~#    nslookup  facebook.com
router:~#    w3m  twitter.com
router:~#    w3m  facebook.com
router:~# apt-get install dhcp3-server
router:~# nano /etc/dhcp3/dhcpd.conf

# A slightly different configuration for an internal subnet.
subnet 195.0.0.0 netmask 255.255.255.240 {
  range 195.0.0.5 195.0.0.12;
  option domain-name-servers 202.150.100.1;
  option domain-name "tarunabhakti.sch.id";
  option routers 195.0.0.1;
  option broadcast-address 195.0.0.15;
  default-lease-time 600;
  max-lease-time 7200;
}

(lalu simpan)
Ctrl+x, lalu y, tekan enter
router:~# /etc/init.d/dhcp3-server  restart


--==THE END==--
