PERINTAH UNTUK PROXY SERVER
Setting Static IP
(eth0=external LAN, eth1=internal LAN)
1. Disable Network Manager
sudo update-rc.d -f NetworkManager remove
sudo apt-get remove network-manager network-manager-gnome
2. Edit File /etc/network/interfaces >>
# sudo gedit /etc/network/interfaces
lalu masukkan parameter2 berikut :
auto eth0
iface eth0 inet static
address 192.168.1.100
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1
auto eth1
iface eth1 inet static
address 192.168.50.1
netmask 255.255.255.0
network 192.168.50.0
broadcast 192.168.50.255
3. Edit File /etc/resolv.conf >>
# sudo gedit /etc/resolv.conf
lalu masukkan parameter2 berikut :
nameserver 202.134.1.10
nameserver 202.134.0.155
4. Restart Network >> sudo /etc/init.d/networking restart
5. Test >> ping google.com
instalasi squid....
1. instal squid
# sudo apt-get install squid
Cara Updates (update dilakukan apa bila dinstal tidak bisa, diinstal terlebih dahulu)
cara update
# sudo apt-get update
2. first backup file squid.conf
# sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.bak
3. Edit file squid.conf
# sudo gedit /etc/squid/squid.conf
isi dari jendela perintah squid :
4. Creating user and group squid
# sudo adduser squid
5. Make a directory used for Squid
# sudo mkdir /usr/local/squid
6. Creating cache directory
# sudo mkdir /usr/local/squid/cache
7. Making a log cache file which function to monitor activity of client computer
# sudo touch /usr/local/squid/cache.log
8. Making a log cache file which function to monitor activity of server computer
# sudo touch /usr/local/squid/access.log
9. Changing the file permissions on the directory squid
# chown -Rf squid.squid /usr/local/squid
# sudo chown squid.squid /var/spool/squid -Rf
# sudo chown squid.squid -Rf /ec/squid
10. Create cache directory structure, should be as user root
# sudo su
# cd /etc/squid
# squid -z
11. Test squid
# squid -d l -D
12. Running Squid
# squid -sYD
13. Viewing events from client computer
# tail -f/ usr/local/squid/access.log
14. restart squid
# sudo /etc/init.d/squid restart
15. kalau terjadi fatal harus di chmod seperti dibawah
# sudo chmod -R 777 /usr/local/squid
lalu
16. masuk dan edit rc lokal
# sudo gedit /etc/rc.local
isikan dibawah ini.......
iptables -A FORWARD -i eth0 -o eth1 -s 192.168.0.0/24 -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.50.1:3128
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
iptables -A POSTROUTING -t nat -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
17. restart squid
# sudo /etc/init.d/squid restart
18. masuk jendela yang berisi alamat web yang akan di blokir
# sudo gedit /etc/squid/pornourl.txt
19. setelah di isi alamat yang akan di blokir, klik save kemudian close.
20.lalu restart squid.
# sudo /etc/init.d/squid restart
Kemudian aktifkan firewall dengan mengklik turn
windows defender firewall.
Untuk melakukan
setting program, range IP address, ataupun port mana saja yang
diperbolehkan untuk mengakses jaringan, baik untuk akses masuk (inbound)
ataupun akses keluar (outbound), bisa melakukan pengaturan di Control
Panel > Advanced Setting, setelah itu dibagian kiri pilih opsi Inbound Rules atau Outbound Rules.
·
Inbound rules :
Untuk menambahkan
pengaturan rules baru klik menu New Rule, lalu pilih tipe
rule yang ingin dibuat (program, port, predifined setting, dan custom rule)
lalu ubah nilainya sesuai dengan kebutuhan dan tentukan aksi yang akan
dilakukan apakah akan memblokir atau mengijinkan koneksi ke jaringan.
Tidak ada komentar:
Posting Komentar