Berikut saya akan menjelaskan beberapa konfigurasi linux
# Membuat IP Permanen
vi /etc/sysconfig/network/ifcfg-eth0
>klik tombol insert
>Ubah seperti ini
BOOTPROTO='static'
BROADCAST='192.168.10.254'
ETHTOOL_OPTIONS=''
IPADDR='192.168.10.1'
MTU=''
NAME='AMD PCnet - Fast 79C971'
NETMASK='255.255.255.0'
NETWORK=''
REMOTE_IPADDR=''
STARTMODE='auto'
USERCONTROL='no'
# cara keluarmenyimpan configurasi = esc > :wq
# cara keluar tanpa menyimpan konfigurasi = esc > :q
# Cara mengubah konfigure Firewall
yast > Securety and user > Firewall > Allowed Service >
# Cara membuat Folder
mkdir martin
# cara pindah dari folder
cd..
# Cara mngecek flash disk
mount /dev/sd > klik tab 2 kali
# Cara mamasukan flah disk
mount /dev/sdc1 /media/martin
# Cara mengeluarkan flah disk
umount /media/ukirindo/
# Cara melihat isi flash disk
cd /media/martin > ls
# ls membaca folder > cara mengkopi cp lowongan3.html /media
# Cara nginstal di linux
tar xvfz xampp-linux-1.6.6.tar.gz -C /opt
/opt/lampp/lampp start
/opt/lampp/lampp stop untuk menghentikan konfigurasi
# Remote telnet
init 0 Shutdown
init 6 restart
# Uninstal Programe
cd /opt/lampp
rm -rf *
# Konfigure Squid or Proxy Server
vi /etc/squid/squid.conf >> Menuju halaman 2439
IP Fungtion Lalu edit : acl Martin src 192.168.10.0/255.255.255.0
Port Fungtion : http_port 8080 >> pada halaman 82
# Squid Fungtion
service squid start untuk start
service squid stop Untuk stop
service squid status untuk melihat status
ss -ap Mengcek service berjalan
1. Beda Limit Bandwidth Siang dan Malam
Bandwidth = 06:00am – 18:00pm – 1Mbps.
Bandwidth = 18:00pm – 06:00am – 2Mbps.
#name=”Siang” source=/queue simple enable Siang; /queue simple disable Malam
#name=”Malam” source=/queue simple enable Malam; /queue simple disable Siang
Buat Jadwal
#name=”Siang” on-event=Siang start-date=may/15/2008 start-time=06:00:00 interval=1d
#name=”Malam” on-event=Malam start-date=may/15/2008 start-time=18:00:00 interval=1d
2. Amankan Client Anda
/ip firewall filter
add chain=forward connection-state=established comment="allow established connections"
add chain=forward connection-state=related comment="allow related connections"
add chain=forward connection-state=invalid action=drop comment="drop invalid connections"
Menu Block Allow and Drop
add chain=forward action=accept protocol=tcp dst-port=80 comment="Allow HTTP"
add chain=forward action=accept protocol=tcp dst-port=25 comment="Allow SMTP"
add chain=forward protocol=tcp comment="allow TCP"
add chain=forward protocol=icmp comment="allow ping"
add chain=forward protocol=udp comment="allow udp"
add chain=forward action=drop comment="drop everything else"
3. IP MAGLE untuk memisahkan bandwhich game dan browsing
/ip address
add address=10.10.10.2/30 interface=ether1 comment=ISP 1 for IIX disabled=no
add address=20.20.20.2/30 interface=ether2 comment=ISP 2 for Internasional disabled=no
add address=192.168.0.1/24 interface=ether3 disabled=no
/ip firewall mangle
add chain=prerouting src-address=192.168.0.0/24 dst-address-list=nice action=mark-routing new-routing-mark=iix disabled=no comment=Routing Mark for IIX
/ip route
add gateway=20.20.20.1
add gateway=10.10.10.1 routing-mark=iix
/ip firewall nat
add chain=srcnat action=masquerade disabled=no
4. Membuat Router pada OpenSUSE
Mengaktifkan fungsi routing
# echo 1>/proc/sys/net/ipv4/ipforward
Membuat routing dengan target berupa sebuah network
# route add -net 168.155.121.0/24 gw 165.155.121.1
Membuat routing table
# iptables -t nat -A POSTROUTING -s 165.155.121.0/24 -j MASQUERADE
Menyimpan iptables
# iptables-save > /etc/sysconfig/iptables-net
Agar iptables langsung start saat komputer baru hidup,
# mcedit /etc/init.d/network
tambahkan
iptables-restore < /etc/sysconfig/iptables-net
5. PC Router + firewall
2. Mengaktifkan IP Forwarding
# echo 1 > /proc/sys/net/ipv4/ip_forward
3. Menginstall aplikasi bridge-utils
# apt-get install bridge-utils
4. Mengaktifkan device bridge (br0)
# brctl addbr br0
# brctl addif br0 eth0
# brctl addif br0 eth1
# ifconfig eth0 0
# ifconfig eth1 0
5. Memberikan IP pada perangkat bridge dengan cara static atau dhcp
# ifconfig br0 10.252.108.100 netmask 255.255.255.0
atau
# dhclient br0
1. Install aplikasi iptables
# apt-get install iptables
2. Hapus semua rule iptables pada PC router
# iptables -F
# iptables -t nat -F
3. Rubah chain pada firewall menjadi default ACCEPT
# iptables -P INPUT ACCEPT
# iptables -P OUTPUT ACCEPT
# iptables -P FORWARD ACCEPT
4. Catat rule hasil firewall
# iptables -nL
Contoh bloking jalur ping :
# iptables -I FORWARD -s 0.0.0.0/0 -d 0.0.0.0/0 -p icmp -j DROP
Contoh bloking jalur web :
# iptables -I FORWARD -d sembarang.com -p tcp -dport 80 -j DROP
Untuk menghitung jumlah paket yg tertangkap:
#iptables -nvL
6. Router warnet
a. Menconfigurasi IP eth0
# vi /etc/sysconfig/network-scripts/ifcfg-eth0
isi dengan :
DEVICE=eth0
BOOTPROTO=static
IPADDR=202.159.121.2
BROADCAST=202.159.121.7
NETMASK=255.255.255.248
ONBOOT=yes
USERCTL=no
b. Setting DNS Resolver
# vi /etc/resolv.conf
lalu isi dengan nameserver dari isp kita tadi :
nameserver 202.159.0.10
nameserver 202.159.0.20
Setting IP Forwarding
# Membuat IP Permanen
vi /etc/sysconfig/network/ifcfg-eth0
>klik tombol insert
>Ubah seperti ini
BOOTPROTO='static'
BROADCAST='192.168.10.254'
ETHTOOL_OPTIONS=''
IPADDR='192.168.10.1'
MTU=''
NAME='AMD PCnet - Fast 79C971'
NETMASK='255.255.255.0'
NETWORK=''
REMOTE_IPADDR=''
STARTMODE='auto'
USERCONTROL='no'
# cara keluarmenyimpan configurasi = esc > :wq
# cara keluar tanpa menyimpan konfigurasi = esc > :q
# Cara mengubah konfigure Firewall
yast > Securety and user > Firewall > Allowed Service >
# Cara membuat Folder
mkdir martin
# cara pindah dari folder
cd..
# Cara mngecek flash disk
mount /dev/sd > klik tab 2 kali
# Cara mamasukan flah disk
mount /dev/sdc1 /media/martin
# Cara mengeluarkan flah disk
umount /media/ukirindo/
# Cara melihat isi flash disk
cd /media/martin > ls
# ls membaca folder > cara mengkopi cp lowongan3.html /media
# Cara nginstal di linux
tar xvfz xampp-linux-1.6.6.tar.gz -C /opt
/opt/lampp/lampp start
/opt/lampp/lampp stop untuk menghentikan konfigurasi
# Remote telnet
init 0 Shutdown
init 6 restart
# Uninstal Programe
cd /opt/lampp
rm -rf *
# Konfigure Squid or Proxy Server
vi /etc/squid/squid.conf >> Menuju halaman 2439
IP Fungtion Lalu edit : acl Martin src 192.168.10.0/255.255.255.0
Port Fungtion : http_port 8080 >> pada halaman 82
# Squid Fungtion
service squid start untuk start
service squid stop Untuk stop
service squid status untuk melihat status
ss -ap Mengcek service berjalan
1. Beda Limit Bandwidth Siang dan Malam
Bandwidth = 06:00am – 18:00pm – 1Mbps.
Bandwidth = 18:00pm – 06:00am – 2Mbps.
#name=”Siang” source=/queue simple enable Siang; /queue simple disable Malam
#name=”Malam” source=/queue simple enable Malam; /queue simple disable Siang
Buat Jadwal
#name=”Siang” on-event=Siang start-date=may/15/2008 start-time=06:00:00 interval=1d
#name=”Malam” on-event=Malam start-date=may/15/2008 start-time=18:00:00 interval=1d
2. Amankan Client Anda
/ip firewall filter
add chain=forward connection-state=established comment="allow established connections"
add chain=forward connection-state=related comment="allow related connections"
add chain=forward connection-state=invalid action=drop comment="drop invalid connections"
Menu Block Allow and Drop
add chain=forward action=accept protocol=tcp dst-port=80 comment="Allow HTTP"
add chain=forward action=accept protocol=tcp dst-port=25 comment="Allow SMTP"
add chain=forward protocol=tcp comment="allow TCP"
add chain=forward protocol=icmp comment="allow ping"
add chain=forward protocol=udp comment="allow udp"
add chain=forward action=drop comment="drop everything else"
3. IP MAGLE untuk memisahkan bandwhich game dan browsing
/ip address
add address=10.10.10.2/30 interface=ether1 comment=ISP 1 for IIX disabled=no
add address=20.20.20.2/30 interface=ether2 comment=ISP 2 for Internasional disabled=no
add address=192.168.0.1/24 interface=ether3 disabled=no
/ip firewall mangle
add chain=prerouting src-address=192.168.0.0/24 dst-address-list=nice action=mark-routing new-routing-mark=iix disabled=no comment=Routing Mark for IIX
/ip route
add gateway=20.20.20.1
add gateway=10.10.10.1 routing-mark=iix
/ip firewall nat
add chain=srcnat action=masquerade disabled=no
4. Membuat Router pada OpenSUSE
Mengaktifkan fungsi routing
# echo 1>/proc/sys/net/ipv4/ipforward
Membuat routing dengan target berupa sebuah network
# route add -net 168.155.121.0/24 gw 165.155.121.1
Membuat routing table
# iptables -t nat -A POSTROUTING -s 165.155.121.0/24 -j MASQUERADE
Menyimpan iptables
# iptables-save > /etc/sysconfig/iptables-net
Agar iptables langsung start saat komputer baru hidup,
# mcedit /etc/init.d/network
tambahkan
iptables-restore < /etc/sysconfig/iptables-net
5. PC Router + firewall
2. Mengaktifkan IP Forwarding
# echo 1 > /proc/sys/net/ipv4/ip_forward
3. Menginstall aplikasi bridge-utils
# apt-get install bridge-utils
4. Mengaktifkan device bridge (br0)
# brctl addbr br0
# brctl addif br0 eth0
# brctl addif br0 eth1
# ifconfig eth0 0
# ifconfig eth1 0
5. Memberikan IP pada perangkat bridge dengan cara static atau dhcp
# ifconfig br0 10.252.108.100 netmask 255.255.255.0
atau
# dhclient br0
1. Install aplikasi iptables
# apt-get install iptables
2. Hapus semua rule iptables pada PC router
# iptables -F
# iptables -t nat -F
3. Rubah chain pada firewall menjadi default ACCEPT
# iptables -P INPUT ACCEPT
# iptables -P OUTPUT ACCEPT
# iptables -P FORWARD ACCEPT
4. Catat rule hasil firewall
# iptables -nL
Contoh bloking jalur ping :
# iptables -I FORWARD -s 0.0.0.0/0 -d 0.0.0.0/0 -p icmp -j DROP
Contoh bloking jalur web :
# iptables -I FORWARD -d sembarang.com -p tcp -dport 80 -j DROP
Untuk menghitung jumlah paket yg tertangkap:
#iptables -nvL
6. Router warnet
a. Menconfigurasi IP eth0
# vi /etc/sysconfig/network-scripts/ifcfg-eth0
isi dengan :
DEVICE=eth0
BOOTPROTO=static
IPADDR=202.159.121.2
BROADCAST=202.159.121.7
NETMASK=255.255.255.248
ONBOOT=yes
USERCTL=no
b. Setting DNS Resolver
# vi /etc/resolv.conf
lalu isi dengan nameserver dari isp kita tadi :
nameserver 202.159.0.10
nameserver 202.159.0.20
Setting IP Forwarding
Komentar
Posting Komentar