1. SSH (Partisi LVM)
2. Konfigurasi Network
3. DHCP ke eth1
4. Aktifkan NAT dengan IPTABLES
5. SQUID
6. Aktifkan NAT dengan IPTABLES transparan port 3128
7. SELESAI
1. MOUNTING
# apt-cdrom add
2. Set IP Address eth0 dan eth1.
Pengisian :
Eth0 terhubung ke Modem ADSL IP 10.10.10.1
Eth1 terhubung ke Jaringan Lokal / client internet
Set eth0 dengan IP 10.10.10.15 dan eth1 dengan IP 192.168.50.1
# nano /etc/network/interfaces
auto eth0
iface eth0 inet static
iface eth0 inet static
address 10.10.10.20
netmask 255.255.255.0
network 10.10.10.0
broadcast 10.10.10.255
gateway 10.10.10.1
# dns-* options are implemented by the resolvconf package, if installed dns-nameservers 10.10.10.1
netmask 255.255.255.0
network 10.10.10.0
broadcast 10.10.10.255
gateway 10.10.10.1
# dns-* options are implemented by the resolvconf package, if installed dns-nameservers 10.10.10.1
auto eth1
iface eth1 inet static
iface eth1 inet static
address 192.168.50.1
network 192.168.50.0
network 192.168.50.0
netmask 255.255.255.0
broadcast 192.168.50.255
broadcast 192.168.50.255
3. Mengaktifkan NAT
Konfigurasi Routing IPTABLES
# nano /etc/rc.local
** Masukkan rule iptables untuk share internet dari eth0 ke eth1.
# iptables -t nat -A POSTROUTING -s 192.168.50.1/24 –d 0/0 -j MASQUERADE
**Mengirim dari port 80 lalu lintas web ke squid (transparent) proxy (setelah squid terinstall)
# iptables -A PREROUTING -t nat -i eth1 -s 192.168.50.0/24 –p tcp --dport 80 -j REDIRECT --to-port 3128
Aktifkan nat
# iptables –L -t nat
** Lalu hilangkan tanda pagar (#) yang ada di depan komentar berikut :
# nano /etc/sysctl.conf
#net.ipv4.ip_forward =1
# sysctl –p
Di restart..
# /etc/init.d/networking restart
4. DHCP
#apt-get install dhcp3-server
#nano /etc/default/dhcp3-server
Cari baris : INTERFACES=”eth1”
#nano /etc/dhcp3/dhcpd.conf
Hapus, ganti dg script
subnet 192.168.50.0 netmask 255.255.255.0 {
range 192.168.50.2 192.168.50.254;
option domain-name-servers 10.10.10.1;
option domain-name “dikdik.sch.id”;
option routers 192.168.50.1;
option broadcast-address 192.168.50.255;
default-lease-time 600;
max-lease-time 7200;
}
# nano /etc/resolv.conf
Isi dengan script
name server 10.10.10.15
search 192.168.50.1
#/etc/init.d/dhcp3-server restart
Cek DNS server
# nano /etc/resolv.conf
5. SQUID
# apt-get install squid
Backup file asli squid untuk jaga-jaga..
# cd /etc/squid
# cp squid.conf squid.conf.iksu
File konfigurasi squid ada di
# nano /etc/squid/squid.conf
Cari dan tambahkan script berikut
http_port 3128 transparent
icp_port 3130
cache_mgr dikdik@iksu.sch.id
Cari kata INSERT YOUR kemudian dibawahnya kita tambahkan
acl dikdik src 192.168.50.0/24
http_access allow dikdik
Cari kata acl CONNECT kemudian dibawahnya kita tambahkan
acl url dstdomain "/etc/squid/blok.txt"
no_cache deny url
http_access deny url
#nano /etc/squid/blok.txt
Masukan script berikut.
#chown -R proxy.proxy /etc/squid/blok.txt
Restart # /etc/init.d/squid restart
