KONFIGURASI DI DALAM DEBIAN
Konfigurasi Proxy Di Debian
A. Konfigurasi Squid (Proxy)
Pertamas sekali sebelum setting squid (proxy) kita harus merubah angka 0 jadi 1 pada file di /proc/sys/net/ipv4/ip_forward. Dengan edit filesysctl.conf di dalam “/etc/sysctl.conf”
pada :
# net.ipv4.conf.default.rp_filter=1 => hilangkan tanda # nya
# net.ipv4.conf.all.rp_filter=1 => hilangkan tanda # nya
# net.ipv4.tcp_syncookies=1 => hilangkan tanda # nya
#apt-get install squid
#mcedit /etc/squid/squid.conf
kemudian cari tulisan :acl CONNECT method CONNECT Tambah teks dbawah ini di dalam file squid.conf dibawahx acl CONNECT method CONNECT
acl sex dstdom_regex “/etc/sex”
acl lan src 192.168.2.0/24
http_access deny sex
http_access allow lan
http_access allow all
# net.ipv4.conf.all.rp_filter=1 => hilangkan tanda # nya
# net.ipv4.tcp_syncookies=1 => hilangkan tanda # nya
#apt-get install squid
#mcedit /etc/squid/squid.conf
kemudian cari tulisan :acl CONNECT method CONNECT Tambah teks dbawah ini di dalam file squid.conf dibawahx acl CONNECT method CONNECT
acl sex dstdom_regex “/etc/sex”
acl lan src 192.168.2.0/24
http_access deny sex
http_access allow lan
http_access allow all
– tambahkan teks diatas, di bawahx acl CONNECT dalam “/etc/squid/squid.conf”
lalu save
kemudian
cari dan tambahkan+ ( hilangkan tanda # )
http_port 3128 transparent -> port default proxy => yg transparent baru ditambahkan ( harus dtambah teks transparent )
lalu save
kemudian
cari dan tambahkan+ ( hilangkan tanda # )
http_port 3128 transparent -> port default proxy => yg transparent baru ditambahkan ( harus dtambah teks transparent )
cache_mem 16 mb
cache_dir ufs /var/spool/squid 500 16 256
cache_mgr admin@pephy.com
visible_hostname proxy.tkj.com -> nama visible hostname kamu
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
-kemudian buat folder dengan sex di “/etc”
cache_dir ufs /var/spool/squid 500 16 256
cache_mgr admin@pephy.com
visible_hostname proxy.tkj.com -> nama visible hostname kamu
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
-kemudian buat folder dengan sex di “/etc”
-lalu isikan situs yang ingin diblok didalam folder sex
Contohnya :
-www.facebook.com
-www.google.com
-www.debian.org
Setelah itu :
Contohnya :
-www.facebook.com
-www.google.com
-www.debian.org
Setelah itu :
-mcedit /etc/network/interface
Isikan teks dibawah ini, diatasnya allow-hotplug eth1
allow hotplug-eth0
iface eth0 inet static
klik tombol tab address 172.0.1.100 => isi sesuai eth0 server yang ada
klik tombol tab netmask 255.255.255.0
klik tombol tab network 172.0.1.0
klik tombol tab broadcast 172.0.1.255
klik tombol tab gateway 172.0.1.1
Isikan teks dibawah ini, diatasnya allow-hotplug eth1
allow hotplug-eth0
iface eth0 inet static
klik tombol tab address 172.0.1.100 => isi sesuai eth0 server yang ada
klik tombol tab netmask 255.255.255.0
klik tombol tab network 172.0.1.0
klik tombol tab broadcast 172.0.1.255
klik tombol tab gateway 172.0.1.1
buat sama dengan eth1 tapi ganti eth1 nya jadi eth0 terus ganti address,netmask,network,broadcast,gateway dengan contoh ip server yg z gunakan : 172.0.1.1
setelah itu isi auto eth0 di bagian paling bawah dalam “/etc/network/interface“.
setelah itu isi auto eth0 di bagian paling bawah dalam “/etc/network/interface“.
Setelah diisi interfacenya atau eth0 nya restart networkingnya dengan cara: #/etc/init.d/networking restart
keterangan : eth0 diisi agar bisa internet
# buat ngeblok domain
acl blockeddomain dstdom_regex “/etc/squid/blockeddomain.txt”
http_access deny blockeddomain
keterangan : eth0 diisi agar bisa internet
# buat ngeblok domain
acl blockeddomain dstdom_regex “/etc/squid/blockeddomain.txt”
http_access deny blockeddomain
# buat ngeblok url yang ada kata tertentu
acl blockedstring url_regex “/etc/squid/blockedstring.txt”
http_access deny blockedstring
contoh isi blockeddomain.txt
—-
gator.com
lop.com
asexvideo.com
playboy.com
—-
contoh isi blockedstring.txt
—–
dialer.exe
loader.exe
livesexcams.exe
Free_Sex_Download.exe
acl blockedstring url_regex “/etc/squid/blockedstring.txt”
http_access deny blockedstring
contoh isi blockeddomain.txt
—-
gator.com
lop.com
asexvideo.com
playboy.com
—-
contoh isi blockedstring.txt
—–
dialer.exe
loader.exe
livesexcams.exe
Free_Sex_Download.exe
Setelah semua telah dsetting kemudian restart squid dengan cara : #/etc/init.d/squid restart
Kemudian
#iptables –t nat -A PREROUTING -s 192.168.2.0/24 -p tcp –dport 80 -j REDIRECT –to-port 3128
sama
#iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -j MASQUERADE
#iptables-save
lalu #/etc/init.d/squid restart
Ini cara ngeblok menggunakan internet dan agar bisa main internet/ agar internetnya jalan
setelah itu restart apache2, bind9, sama squid caranya:
#/etc/init.d/apache2 restart
#/etc/init.d/bind9 restart
#/etc/init.d/squid restart
Kemudian
#iptables –t nat -A PREROUTING -s 192.168.2.0/24 -p tcp –dport 80 -j REDIRECT –to-port 3128
sama
#iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -j MASQUERADE
#iptables-save
lalu #/etc/init.d/squid restart
Ini cara ngeblok menggunakan internet dan agar bisa main internet/ agar internetnya jalan
setelah itu restart apache2, bind9, sama squid caranya:
#/etc/init.d/apache2 restart
#/etc/init.d/bind9 restart
#/etc/init.d/squid restart
Konfigurasi Mail Server Linux Debian
1). Install packages yang diperlukan untuk membangun “Mail Server” :
# beckz@debian:~$ apt-get install postfix
# beckz@debian:~$ apt-get install squirrelmail
# beckz@debian:~$ apt-get install courier-imap
# beckz@debian:~$ apt-get install courier-pop
# beckz@debian:~$ apt-get install php4-imap
2). Edit file konfigurasi Mail Server :
# beckz@debian:~$ pico /etc/postfix/main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA’s job.
append_dot_mydomain = no
# Uncomment the next line to generate “delayed mail” warnings
#delay_warning_time = 4h
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = beckz.net
mydomain =beckz.net
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = $mydomain
mydestination = beckz.net, beckz, localhost.localdomain, localhost
home_mailbox = Maildir/
relayhost =
mynetworks = 127.0.0.0/8 192.168.13.0/24
#mailbox_command = procmail -a “$EXTENSION”
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
3). Edit juga file konfigurasi yang lain :
# beckz@debian:~$ pico /etc/apache2/sites-available/default
NameVirtualHost 192.168.13.13
NameVirtualHost 192.168.2.1
<VirtualHost 192.168.13.13>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
# This directive allows us to have apache2′s default start page
# in /apache2-default/, but still have / go to the right place
RedirectMatch ^/$ /apache2-default/
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory “/usr/lib/cgi-bin”>
AllowOverride None
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
ServerSignature On
Alias /mail/ “/usr/share/squirrelmail/”
<Directory “/usr/share/squirrelmail/”>
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from all
</Directory>
</VirtualHost>
<VirtualHost 192.168.2.1>
DocumentRoot /home/www
ServerName beckz.net
</VirtualHost>
4). Membuat folder Maildir di user tertentu :
# beckz@debian:~$ cd /home/beckz
# beckz@debian:~$ maildirmake Maildir
5). Ubah hak akses pemilik Maildir :
# beckz@debian:~$ chown beckz.beckz Maildir -Rf
6). Membuat folder Maildir otomatis ketika create user :
# cd /etc/skel
# maildirmake Maildir
7). Jalankan Mail Server :
# beckz@debian:~$ /etc/init.d/postfix restart
# beckz@debian:~$ /etc/init.d/squirrelmail restart
# beckz@debian:~$ /etc/init.d/courier-imap restart
# beckz@debian:~$ /etc/init.d/courier-pop restart
# beckz@debian:~$ /etc/init.d/cuorier-authdaemon restart
0 komentar:
Posting Komentar