tutorial server ubuntu.pdf

3
Hasrijal Haddade, S.Kom., M.T. 1 SMK Lania ng Makass ar TKJ 2014 TUTORI AL UBUNTU SERVER 12.04 Asumsi Eth0 : IP 192.168.1.10 (Yang terhubung ke internet dengan nameserver : 192.168.1.1) Eth1 : I P 192.168.50.1 (Yang ter hubung ke LAN, IP Client 192.168.50.2-192.168.50.254) 1. In st al Linux Ubunt u 2. # ifconfig 3. # ifcon fig et h0 up 4. # ifcon fig et h1 up 5. # ifconfig 6. # nano /etc/net work /interfaces ------------------------------------------------------------------------- auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 192.168.1.10 netmask 255.255.255.0 gateway 192.168.1.1 network 192.168.1.0 broadcast 192.168.1.255 dns-nameservers 192.168.1.1 auto eth1 iface eth1 inet static address 192.168.50.1 netmask 255.255.255.0 network 192.168.50.0 broadcast 192.168.50.255 ------------------------------------------------------------------------- 7. # /e tc/i ni t. d/ networ ki ng res tart Konfigurasi routing (iptables) 8. # nano /e tc /s ys ct l. conf  Cari kata berikut, hilangkan tanda pagar didepannya ------------------------------------------------------------------------- net.ipv4.ip_forward=1 9. # sudo sys ctl -w net.ipv4.ip_forward=1

Upload: hasrijal

Post on 17-Oct-2015

21 views

Category:

Documents


0 download

DESCRIPTION

Ubuntu server 12.04

TRANSCRIPT

  • Hasrijal Haddade, S.Kom., M.T.

    1 SMK Laniang Makassar TKJ 2014

    TUTORIAL UBUNTU SERVER 12.04

    AsumsiEth0 : IP 192.168.1.10 (Yang terhubung ke internet dengan nameserver : 192.168.1.1)Eth1 : IP 192.168.50.1 (Yang terhubung ke LAN, IP Client 192.168.50.2-192.168.50.254)

    1. Instal Linux Ubuntu2. # ifconfig3. # ifconfig eth0 up4. # ifconfig eth1 up5. # ifconfig6. # nano /etc/network/interfaces

    -------------------------------------------------------------------------

    auto loiface lo inet loopback

    auto eth0iface eth0 inet staticaddress 192.168.1.10netmask 255.255.255.0gateway 192.168.1.1network 192.168.1.0broadcast 192.168.1.255dns-nameservers 192.168.1.1

    auto eth1iface eth1 inet staticaddress 192.168.50.1netmask 255.255.255.0network 192.168.50.0broadcast 192.168.50.255-------------------------------------------------------------------------

    7. # /etc/init.d/networking restart

    Konfigurasi routing (iptables)8. # nano /etc/sysctl.conf

    Cari kata berikut, hilangkan tanda pagar didepannya-------------------------------------------------------------------------

    net.ipv4.ip_forward=19. # sudo sysctl -w net.ipv4.ip_forward=1

  • Hasrijal Haddade, S.Kom., M.T.

    2 SMK Laniang Makassar TKJ 2014

    10. # sudo /sbin/iptables -P FORWARD ACCEPT11. # sudo /sbin/iptables - -table nat -A POSTROUTING -o eth0 -j MASQUERADE

    Taruh di rc.local, agar konfigurasi tidak hilang:# nano /etc/rc.local-------------------------------------------------------------------------

    sudo /sbin/iptables -P FORWARD ACCEPTsudo /sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADEexit 0

    Konfigurasi Proxy12. #apt-get update13. #apt-get install squid14. #nano etc/squid3/squid.conf (bagian editan)15. cari (ctrl +w) Network Options kemudian panah kebawah cari #http_port 3128 ---> hapus

    tanda pagarnya. trus tambahkan transparent di belakang 3128, jadinyahttp_port 3128 transparentcari lagi (ctrl+w) # administrative parameters kemudian tekan panah kebawah cari dibagian bawahnya. tulisan # visible_hostname web master. (hapus pagarnya). Jadivisible_hostname www.smklaniang.sch.idADMINISTRATIVE PARAMETERS# =====================#cache_mgr webmastercache_effective_user proxycache_effective_group proxyhttpd_suppress_version_string onvisible_hostname proxy

    ADMINISTRATIVE PARAMETERS# =====================#cache_mgr [email protected]_effective_user proxycache_effective_group proxyhttpd_suppress_version_string onvisible_hostname www.smklaniang.sch.id

    cari (ctrl+w) cache_log-------------------------------------------------------------------------

    #Default#cache_log /var/log/squid3/cache.log (Hilangkan pagarnya) jadicache_log /var/log/squid3/cache.log

  • Hasrijal Haddade, S.Kom., M.T.

    3 SMK Laniang Makassar TKJ 2014

    cari (ctrl+w) acl localhost. kalo sudah dapat, tambahkan acl lan src 192.168.50.0 diantaraacl local host src dan acl to_localhost dst. setelah itu. di bawahnya acl lan src, tambahkanacl blokir dstdomain .facebook.com .youtube.comjadinya:acl local host src 127.0.0.1/32acl lan src 192.168.50.0/24acl blokir dstdomain .facebook.com .youtube.comacl to_localhost dst 127.0.0.0/8 0.0.0.0/32cari kebawah-bawah lagi. sampai dapat

    # http_access deny all# only allow cachemgr access from localhosthttp_access deny blokirhttp_access allow manager localhosthttp_access allow lanhttp_access deny managerKemudian save (ctrl+o) baru exit (ctrl+x)

    16. #squid3 -z (kalau sudah ada keterangan running artinya berhasil)17. #squid3 -k reconfigure18. #/etc/init.d/squid3 restart19. #sudo /sbin/iptables -t nat I PREROUTING i eth1 p tcp m tcp --dport 80 j

    REDIRECT --to-ports 312820. #sudo /sbin/iptables -t nat I PREROUTING i eth1 p udp m udp --dport 80 j

    REDIRECT --to-ports 312821. #nano /etc/rc.local

    -------------------------------------------------------------------------

    sudo /sbin/iptables -P FORWARD ACCEPTsudo /sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADEsudo /sbin/iptables -t nat I PREROUTING i eth1 p tcp m tcp --dport 80 jREDIRECT --to-ports 3128sudo /sbin/iptables -t nat I PREROUTING i eth1 p udp m udp --dport 80 jREDIRECT --to-ports 3128exit 0Kemudian save (ctrl+o baru exit (ctrl+x)

    22. Cek konfigurasi squid#tail f /var/log/squid3/cache.log

    Kemudian cek koneksi ke Client dengan menghubungkan satu atau beberapa komputer (PC)IP Address 192.168.50.2 - 254Netmask 255.255.255.0Gateway 192.168.50.1Prefered dns server 192.168.50.1