PROXY TRANSPARENT
# apt-get install squid
Konfigurasi file nano squid.conf menjadi berikut ini
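# Intercepting (transparent) proxy on TCP 3128; the iptables REDIRECT rule in this guide sends port-80 traffic here.
http_port 3128 transparent
# In-memory cache size.
cache_mem 100 MB
# On-disk cache: 500 MB under /var/spool/squid, 16 first-level and 256 second-level directories.
cache_dir ufs /var/spool/squid 500 16 256
cache_mgr admin@bn.com
visible_hostname proxy.bn.com
# Case-insensitive URL patterns to block, one regular expression per line in /home/situs.txt.
acl situs url_regex -i "/home/situs.txt"
# Client networks allowed to use the proxy. The ranges are the ones used elsewhere in this guide
# (mail clients and DHCP pool); adjust them to the real LAN.
acl lan src 192.168.1.0/24 172.16.1.0/24
# http_access rules are evaluated top-down and the first match wins.
http_access deny situs
http_access allow lan
# Refuse everyone else, so the proxy is not usable as an open proxy from outside the LAN.
http_access deny all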
buat daftar situs yang akan diblok
# nano /home/situs.txt
Restart squid
# /etc/init.d/squid restart
Ketikan perintah untuk membuat proxy mode transparent
# iptables -A PREROUTING -t nat -p tcp --dport 80 -j REDIRECT --to-ports 3128
Cek proxy tail -f /var/log/syslog
DHCP SERVER
DNS SERVER
# apt-get install bind
Konfigurasi file named.conf dengan perintah
# nano named.conf
// Authoritative (master) zones served by this host.
// File names are relative to BIND's working directory; the guide copies the
// zone files to /var/cache/bind/.
// NOTE(review): no allow-transfer or recursion restriction is shown in this
// excerpt — confirm the options block limits zone transfers and recursive
// queries to the local networks.
zone "bn.com" {
type master;
file "forward";
};
// tkj.bn.com loads the same "forward" file as bn.com, so every record in
// that file exists under both names.
zone "tkj.bn.com" {
type master;
file "forward";
};
// Reverse zone for 192.168.1.0/24.
zone "1.168.192.in-addr.arpa" {
type master;
file "reverse";
};
# cp -a db.local /var/cache/bind/forward
# cp -a db.127 /var/cache/bind/reverse
# nano /var/cache/bind/forward
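;
; Forward zone data, loaded for both bn.com and tkj.bn.com in named.conf
;
$TTL 604800
@ IN SOA bn.com. tkj.bn.com. (
1 ; Serial (increase after every edit)
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS bn.com.
@ IN A 192.168.1.2
; Owner written explicitly: a record line that starts in column 0 without an
; owner name would be read with "IN" as the owner.
@ IN MX 10 mail.bn.com.
; The MX target has to be an address record, not an alias (RFC 2181 section 10.3),
; so "mail" is an A record instead of a CNAME.
mail IN A 192.168.1.2
ns IN CNAME @
www IN CNAME @
ftp IN CNAME @
web IN CNAME @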
# nano /var/cache/bind/reverse
;
; Reverse zone data for 1.168.192.in-addr.arpa (192.168.1.0/24)
;
$TTL 604800
@ IN SOA bn.com. tkj.bn.com. (
1 ; Serial (increase after every edit)
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS bn.com.
; 192.168.1.2 is mapped to two names.
; NOTE(review): services that verify reverse DNS (mail servers in particular)
; usually expect one PTR that matches the host's forward name — confirm which
; name should be the canonical one.
2 IN PTR bn.com.
2 IN PTR tkj.bn.com.
Restart file bind
# /etc/init.d/bind restart
WEB SERVER
# apt-get install apache2
# apt-get install php5
Beri tanda pagar pada script berikut :
# RedirectMatch ^/$ /apache2-default/
# Contact address for the site administrator.
ServerAdmin bn@bn.com
# Host name this site answers to; the tkj.bn.com zone in this guide provides the record.
ServerName tkj.bn.com
# Site content is served from /home/web/.
DocumentRoot /home/web/
# mkdir /home/web
# nano /home/web/index.php
# nano /etc/apache2/web/info.php
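<?php
// phpinfo() prints the full PHP and web-server configuration, loaded modules
// and environment variables. Use it only to confirm that PHP works, then
// delete this file so the details are not readable by every visitor.
phpinfo();
?>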
# /etc/init.d/apache2 restart
MAIL SERVER
# apt-get update
# apt-cdrom add
# apt-get update
# apt-get install postfix
# apt-get install courier-imap
# apt-get install courier-pop
# cd /etc/postfix/
# nano main.cf
# Postfix main.cf excerpt for the bn.com mail host.
myhostname = server.bn.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
# The sender domain for locally posted mail is read from /etc/mailname.
myorigin = /etc/mailname
# Domains for which this host is the final destination.
mydestination = mail.bn.com, server.bn.com, localhost.bn.com, localhost
# Empty relayhost: outbound mail is delivered directly, not through a smarthost.
relayhost =
# Clients allowed to relay through this server: loopback and 192.168.1.0/24.
# Keep this list narrow; an over-wide range here turns the server into an open relay.
mynetworks = 127.0.0.0/8 192.168.1.0/24
# mailbox_command = procmail -a "$EXTENSION"
# 0 disables the mailbox size limit.
mailbox_size_limit = 0
recipient_delimiter = +
# Listen on every network interface.
inet_interfaces = all
# The trailing slash selects Maildir-style delivery under each user's home directory.
home_mailbox = Maildir/
# NOTE(review): no TLS or SMTP authentication settings appear in this excerpt —
# confirm how SMTP, IMAP and POP3 logins are protected before exposing the
# server beyond the LAN.
# cd /etc/skel/
# maildirmake Maildir/
# adduser ila
Adding user `ila' ...
Adding new group `ila' (1001) ...
Adding new user `ila' (1001) with group `ila' ...
Creating home directory `/home/ila' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for ila
Enter the new value, or press ENTER for the default
Full Name []:
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [y/N] y
# /etc/init.d/postfix restart
Stopping Postfix Mail Transport Agent: postfix.
Starting Postfix Mail Transport Agent: postfix.
# /etc/init.d/courier-imap restart
Stopping Courier IMAP server: imapd.
Starting Courier IMAP server: imapd.
# /etc/init.d/courier-pop restart
Stopping Courier POP3 server: pop3d.
Starting Courier POP3 server: pop3d.
# /etc/init.d/courier-authdaemon restart
Stopping Courier authentication services: authdaemond.
Starting Courier authentication services: authdaemond.
MAIL SERVER
# apt-get install squirrelmail
# cd /etc/squirrelmail/
# nano apache.conf
# Serve SquirrelMail under the /webmail path.
Alias /webmail /usr/share/squirrelmail
# NOTE(review): the bare "#" lines below look like remnants of container
# directives lost when this page was extracted — compare with the packaged
# apache.conf before copying.
#
DocumentRoot /usr/share/squirrelmail
ServerName tkj.bn.com
#
# NOTE(review): no TLS configuration is shown, so webmail logins would travel
# over plain HTTP — confirm HTTPS is enabled before real accounts are used.
# nano /etc/apache2/apache2.conf
Include /etc/squirrelmail/apache.conf
# /etc/init.d/apache2 restart
FTP SERVER
# apt-get install proftpd
server:/etc/squirrelmail# nano /etc/proftpd/proftpd.conf
# Anonymous FTP settings from proftpd.conf.
# NOTE(review): the enclosing section tags (the <Anonymous ...> container and
# the <Directory>/<Limit> wrappers around DenyAll/AllowAll) appear to have been
# lost when this page was extracted — compare with the packaged proftpd.conf
# before copying.
# NOTE(review): as shown, no active write restriction for anonymous sessions is
# visible — confirm anonymous users are read-only.
# Anonymous sessions run as this unprivileged user and group.
User ftp
Group nogroup
# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp
# Cosmetic changes, all files belongs to ftp user
DirFakeUser on ftp
DirFakeGroup on ftp
# Accept the account even though its shell is not a valid login shell.
RequireValidShell off
# Limit the maximum number of anonymous logins
MaxClients 10
# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message
# Uncomment this if you're brave.
#
# # Umask 022 is a good standard umask to prevent new files and dirs
# # (second parm) from being group and world writable.
# Umask 022 022
#
# DenyAll
#
#
# AllowAll
#
#
server:/etc/squirrelmail# /etc/init.d/proftpd restart
ProFTPd is started from inetd.
DHCP SERVER
# apt-get install dhcp3-server
# nano /etc/dhcp3/dhcpd.conf
# A slightly different configuration for an internal subnet.
subnet 172.16.1.0 netmask 255.255.255.0 {
# Pool of addresses handed out to clients.
range 172.16.1.100 172.16.1.200;
# Clients resolve names through the BIND server set up in this guide.
option domain-name-servers 192.168.1.2;
option domain-name "bn.com";
# Default gateway announced to clients.
option routers 172.16.1.1;
option broadcast-address 172.16.1.255;
# Lease times in seconds.
default-lease-time 600;
max-lease-time 7200;
}
# /etc/init.d/dhcp3-server restart
Stopping DHCP server: dhcpd3.
Starting DHCP server: dhcpd3.
SAMBA
# apt-get install samba
# nano /etc/samba/smb.conf
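#======================= Global Settings =======================
workgroup = WORKGROUP
# "Netbios" on its own is not an smb.conf parameter; the machine's NetBIOS
# name is set with "netbios name".
netbios name = server
####### Authentication #######
# Share-level security: access is not tied to individual user accounts.
# NOTE(review): this mode is deprecated in later Samba releases — confirm
# against the installed version.
security = share
# Guest-accessible, writable share. Anyone who can reach the server can read
# and modify its files, and this guide also sets the directory to mode 777.
# Restrict it with "hosts allow" or "valid users" if it is not meant to be open.
[coba]
path = /home/tkj/coba
available = yes
browseable = yes
writable = yes
public = yes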
# mkdir /home/tkj/coba
# chmod 777 -Rf /home/tkj/coba/
# chown tkj.tkj /home/tkj/coba/
# /etc/init.d/samba restart
Stopping Samba daemons: nmbd smbd.
Starting Samba daemons: nmbd smbd.
PC ROUTER
Aktifkan ip forward dengan perintah berikut
# echo 1 > /proc/sys/net/ipv4/ip_forward
Agar settingan tidak hilang saat di reboot maka simpan di file rc.local
# nano /etc/rc.local
echo 1 > /proc/sys/net/ipv4/ip_forward
FIREWALL
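Block port 22 dan icmp (catatan: perintah di bawah memakai --dport 80, yaitu HTTP; untuk memblokir SSH gunakan --dport 22)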
router:/home/tkj# iptables -A FORWARD -p tcp --dport 80 -j DROP
router:/home/tkj# iptables -A FORWARD -p icmp -j DROP