house of sysadmin
login::signup
we::blog

archive
August 2003
September 2003
October 2003
November 2003
December 2003
January 2004
February 2004
March 2004
April 2004
May 2004
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
December 2007
January 2008
February 2008
March 2008
April 2008
May 2008
June 2008
July 2008

HOUSE OF SYSTEM ADMINISTRATOR

LA REINA MULTIMEDIA 
jl.Peternakan Gg.Mawar no.10, Mataram 
tlp. 0370-649047 hp.081803608480 
Web disain dan pengurusan Web hosting 
dot com dot co dot id dot go dot id etc. 
email: heru.minandar@gmail.com 
icq: 59317512 
yahooID: hminandar 
voip rakyat: (621881001)22725 
msn: hminandar  
portfolio: 
Lombok IT Integrated Committee 
kamus besar bahasa Indonesia online 
toko alat musik 
rri-denpasar.com 
www.elombok.net cheapest web design n hosting 
another log  
jurnal kbbi online 
bidy tours and travel 
kamus bahasa sasak 
cakrawala multimedia 
senaru rinjani trekking 
PT SERUNI PIAMPO SAADA 
lombok diary 
Bali Cozy Tour and Travel 
lombok crimsonblog 
dipa production 
lomboknews

last modified Jul 6, 2008 at 22:48

Wednesday, October 19, 2005

wrt54g sebagai bekap wateway ISP

ini isi dari /etc/rc.d/rc.local di dvb
#!/bin/sh
###ini utk dvb
################
#ip route add 69.88.24.33 via 202.152.55.210
route add default gw 202.152.55.209
# touch /var/lock/subsys/local
#arahkan situs dalam ke LA
iptables -t nat -A POSTROUTING -s 192.168.2.100/24 -d 202.0.0.0/6 -j SNAT --to 202.152.55.211
iptables -t nat -A POSTROUTING -s 192.168.2.100/24 -d 222.0.0.0/6 -j SNAT --to 202.152.55.211
iptables -t nat -A POSTROUTING -s 192.168.2.100/24 -d 203.0.0.0/6 -j SNAT --to 202.152.55.211
iptables -t nat -A POSTROUTING -s 192.168.2.100/24 -d 219.0.0.0/6 -j SNAT --to 202.152.55.211
iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -d 0.0.0.0/0 -j SNAT --to 69.88.24.34
=================================

ini ip ro dvb
=============
[root@dvb root]# ip ro
202.152.55.208/29 dev eth0 proto kernel scope link src 202.152.55.211
69.88.24.32/29 dev eth0 scope link
10.2.0.0/24 dev aba_0 proto kernel scope link src 10.2.0.1
192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.100
127.0.0.0/8 dev lo scope link
default via 202.152.55.209 dev eth0
----------------------------
======
[root@dvb root]# ip addr
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:00:0e:b8:bd:aa brd ff:ff:ff:ff:ff:ff
inet 202.152.55.211/29 brd 202.152.55.215 scope global eth0:0
inet 192.168.2.100/24 brd 192.168.2.255 scope global eth0:1
inet 69.88.24.34/29 brd 69.88.24.39 scope global eth0
3: aba_0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
link/ether 00:d0:72:01:42:0a brd ff:ff:ff:ff:ff:ff
inet 10.2.0.1/24 brd 10.255.255.255 scope global aba_0
==================================

149092 | posted by howto at 7:39 | 0 comments

Friday, October 7, 2005

proxy transparent

install squid yg incl. di RH 7.2
edit file /etc/squid/squid.conf
http_port 8080
cache_mem 80 MB
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl localnet src 192.168.2.0/255.255.255.0
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
# And finally deny all other access to this proxy
http_access allow localhost
http_access allow localnet
http_access deny all
cache_mgr info@cakrawalamultimedia.com
visible_hostname www.cakrawalamultimedia.com
#setting utk transparent proxy
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

##lalu setting di file /etc/rc.d/rc.local
#iptables
/sbin/modprobe ipt_LOG
/sbin/modprobe ipt_REJECT
/sbin/modprobe ipt_MASQUERADE
#menjalankan ip forward
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_dynaddr

#hapus filter lama
/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -P OUTPUT ACCEPT
#hapus aturan lama
/sbin/iptables -t nat -P PREROUTING ACCEPT
/sbin/iptables -t nat -P POSTROUTING ACCEPT
/sbin/iptables -t nat -P OUTPUT ACCEPT

#batalkan semua filter dan nat
/sbin/iptables -F
/sbin/iptables -t nat -F

#jalankan forward dan masguerading
/sbin/iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

#jalankan proxy transparan
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
#JALANKAN MASQUERADE
#jika tidak pake proxy maka ini di uncomment
#/sbin/iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -d 0/0 -j MASQUERADE
#touch /var/lock/subsys/local
####
## buat swap file squid
squid -z
lalu jalan kan squid dgn perintah
squid start
#### coba jalankan ####
sudah berjalan di server gili trawangan burnoc dan di superstart senggigi the fastest internet

148583 | posted by howto at 13:31 | 0 comments