tutorial server ubuntu.pdf
DESCRIPTION
Ubuntu server 12.04TRANSCRIPT
-
Hasrijal Haddade, S.Kom., M.T.
1 SMK Laniang Makassar TKJ 2014
TUTORIAL UBUNTU SERVER 12.04
AsumsiEth0 : IP 192.168.1.10 (Yang terhubung ke internet dengan nameserver : 192.168.1.1)Eth1 : IP 192.168.50.1 (Yang terhubung ke LAN, IP Client 192.168.50.2-192.168.50.254)
1. Instal Linux Ubuntu2. # ifconfig3. # ifconfig eth0 up4. # ifconfig eth1 up5. # ifconfig6. # nano /etc/network/interfaces
-------------------------------------------------------------------------
auto loiface lo inet loopback
auto eth0iface eth0 inet staticaddress 192.168.1.10netmask 255.255.255.0gateway 192.168.1.1network 192.168.1.0broadcast 192.168.1.255dns-nameservers 192.168.1.1
auto eth1iface eth1 inet staticaddress 192.168.50.1netmask 255.255.255.0network 192.168.50.0broadcast 192.168.50.255-------------------------------------------------------------------------
7. # /etc/init.d/networking restart
Konfigurasi routing (iptables)8. # nano /etc/sysctl.conf
Cari kata berikut, hilangkan tanda pagar didepannya-------------------------------------------------------------------------
net.ipv4.ip_forward=19. # sudo sysctl -w net.ipv4.ip_forward=1
-
Hasrijal Haddade, S.Kom., M.T.
2 SMK Laniang Makassar TKJ 2014
10. # sudo /sbin/iptables -P FORWARD ACCEPT11. # sudo /sbin/iptables - -table nat -A POSTROUTING -o eth0 -j MASQUERADE
Taruh di rc.local, agar konfigurasi tidak hilang:# nano /etc/rc.local-------------------------------------------------------------------------
sudo /sbin/iptables -P FORWARD ACCEPTsudo /sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADEexit 0
Konfigurasi Proxy12. #apt-get update13. #apt-get install squid14. #nano etc/squid3/squid.conf (bagian editan)15. cari (ctrl +w) Network Options kemudian panah kebawah cari #http_port 3128 ---> hapus
tanda pagarnya. trus tambahkan transparent di belakang 3128, jadinyahttp_port 3128 transparentcari lagi (ctrl+w) # administrative parameters kemudian tekan panah kebawah cari dibagian bawahnya. tulisan # visible_hostname web master. (hapus pagarnya). Jadivisible_hostname www.smklaniang.sch.idADMINISTRATIVE PARAMETERS# =====================#cache_mgr webmastercache_effective_user proxycache_effective_group proxyhttpd_suppress_version_string onvisible_hostname proxy
ADMINISTRATIVE PARAMETERS# =====================#cache_mgr [email protected]_effective_user proxycache_effective_group proxyhttpd_suppress_version_string onvisible_hostname www.smklaniang.sch.id
cari (ctrl+w) cache_log-------------------------------------------------------------------------
#Default#cache_log /var/log/squid3/cache.log (Hilangkan pagarnya) jadicache_log /var/log/squid3/cache.log
-
Hasrijal Haddade, S.Kom., M.T.
3 SMK Laniang Makassar TKJ 2014
cari (ctrl+w) acl localhost. kalo sudah dapat, tambahkan acl lan src 192.168.50.0 diantaraacl local host src dan acl to_localhost dst. setelah itu. di bawahnya acl lan src, tambahkanacl blokir dstdomain .facebook.com .youtube.comjadinya:acl local host src 127.0.0.1/32acl lan src 192.168.50.0/24acl blokir dstdomain .facebook.com .youtube.comacl to_localhost dst 127.0.0.0/8 0.0.0.0/32cari kebawah-bawah lagi. sampai dapat
# http_access deny all# only allow cachemgr access from localhosthttp_access deny blokirhttp_access allow manager localhosthttp_access allow lanhttp_access deny managerKemudian save (ctrl+o) baru exit (ctrl+x)
16. #squid3 -z (kalau sudah ada keterangan running artinya berhasil)17. #squid3 -k reconfigure18. #/etc/init.d/squid3 restart19. #sudo /sbin/iptables -t nat I PREROUTING i eth1 p tcp m tcp --dport 80 j
REDIRECT --to-ports 312820. #sudo /sbin/iptables -t nat I PREROUTING i eth1 p udp m udp --dport 80 j
REDIRECT --to-ports 312821. #nano /etc/rc.local
-------------------------------------------------------------------------
sudo /sbin/iptables -P FORWARD ACCEPTsudo /sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADEsudo /sbin/iptables -t nat I PREROUTING i eth1 p tcp m tcp --dport 80 jREDIRECT --to-ports 3128sudo /sbin/iptables -t nat I PREROUTING i eth1 p udp m udp --dport 80 jREDIRECT --to-ports 3128exit 0Kemudian save (ctrl+o baru exit (ctrl+x)
22. Cek konfigurasi squid#tail f /var/log/squid3/cache.log
Kemudian cek koneksi ke Client dengan menghubungkan satu atau beberapa komputer (PC)IP Address 192.168.50.2 - 254Netmask 255.255.255.0Gateway 192.168.50.1Prefered dns server 192.168.50.1