INSTALL & KONFIGURASI MIKROTIK
SEBAGAI SAMBA & PROXY
1.Setelah instalasi Ubuntu
administrator@ubuntu:~$ sudo su
[sudo] password for administrator:(masukan password )
root@ubuntu:/home/administrator# passwd root
Enter new UNIX password:(masukan password untuk root)
Retype new UNIX password:(masukan password untuk root harus sama dengan yang diatas)
buka winscp dari client
Host Name : isikan ip ubuntu (172.16.0.2)
user name : root
Password : 123456
klik login
Ganti repository adanya di /etc/apt/sources.list
klik etc
klik apt
klik sources list
hapus semua yang ada ganti dengan
deb http://kambing.ui.ac.id/ubuntu/ precise-proposed main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu/ precise-security main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu/ precise-updates main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu/ precise main restricted universe multiverse
buka putty
update ubuntu
apt-get update
install samba
apt-get install samba
buat direktory untuk samba
mkdir /data/sharing
Beri Hak Akses untuk direktory samba
chmod 777 /data/sharing
buat user samba
smbpasswd -a administrator
New SMB Password:123456
Retype SMB Password:123456
KONFIGURASI SAMBA
Buka /etc/samba/smb.conf
isikan data data berikut pada baris paling bawah
[sharing]
browseable = yes
writeable = yes
coment = yes
path = /data/sharing
share mode = yes
readonly = no
valid users = administrator
public = yes
create mode = 0777
directory mode = 0777
lalu simpan
setelah itu restart samba tersebut
/etc/init.d/smbd restart
untuk menguji samba di client (win 7)
buka run lalu masukan ip ubuntu
\\172.16.0.2
username : administrator
Password : 123456
install Proxy
apt-get install squid
Beri Hak Akses untuk partisi /proxy
chmod 777 /proxy
Beri Hak Akses user proxy untuk partisi /proxy
chown -R proxy.proxy /proxy
KONFIGURASI SQUID
Buka /etc/squid3/squid.conf
hapus semua yang ada ganti dengan
# WELCOME TO SQUID 3.1.19
# ----------------------------
# OPTIONS FOR AUTHENTICATION
# -----------------------------------------------------------------------------
# ACCESS CONTROLS
# -----------------------------------------------------------------------------
# Recommended minimum configuration:
#
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
#acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
#acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
#acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
#acl localnet src fc00::/7 # RFC 4193 local private network range
#acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
acl blokir url_regex "/etc/squid3/blokir"
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
#______________________________________________________
#LOCAL NET#
#______________________________________________________
acl localnet src 172.16.0.1 #(sesuaikan / GANTI dengan ip ether mikrotik yang terhubung ke ubuntu)
#Default:
# http_access deny all
http_access allow manager localhost
http_access deny manager
# Deny requests to certain unsafe ports
http_access deny !Safe_ports
# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports
#http_access allow localnet
http_access allow localhost
# And finally deny all other access to this proxy
http_access deny blokir
http_access allow localnet
http_access deny all
# NETWORK OPTIONS
# -----------------------------------------------------------------------------
# Squid normally listens to port 3128
http_port 3128 transparent
# SSL OPTIONS
# -----------------------------------------------------------------------------
# MEMORY CACHE OPTIONS
# -----------------------------------------------------------------------------
cache_mem 256 MB
maximum_object_size_in_memory 512 KB
memory_replacement_policy lru
# DISK CACHE OPTIONS
# -----------------------------------------------------------------------------
cache_replacement_policy lru
#cache_dir ufs /var/spool/squid3 100 16 256
cache_dir diskd /proxy 35000 16 256
# max_open_disk_fds 0
minimum_object_size 0 KB
maximum_object_size 4096 KB
cache_swap_low 90
cache_swap_high 95
# LOGFILE OPTIONS
# -----------------------------------------------------------------------------
#logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt
#logformat squidmime %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt [%>h] [%<h]
#logformat common %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st %Ss:%Sh
#logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
#Default:
# none
# access_log /var/log/squid3/access.log squid
#Default:
# access_log /var/log/squid3/access.log squid
# OPTIONS FOR FTP GATEWAYING
# -----------------------------------------------------------------------------
# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
# example lin deb packages
#refresh_pattern (\.deb|\.udeb)$ 129600 100% 129600
refresh_pattern . 0 20% 4320
# HTTP OPTIONS
# -----------------------------------------------------------------------------
# TIMEOUTS
# -----------------------------------------------------------------------------
# ADMINISTRATIVE PARAMETERS
# -----------------------------------------------------------------------------
cache_effective_user proxy
# OPTIONS FOR THE CACHE REGISTRATION SERVICE
# -----------------------------------------------------------------------------
visible_hostname http;//smkbinamandiri.net
cache_mgr (masukan alamat email)
# CACHE DIGEST OPTIONS
# -----------------------------------------------------------------------------
# ERROR PAGE OPTIONS
# -----------------------------------------------------------------------------
# error_log_languages on
# err_page_stylesheet /etc/squid3/errorpage.css
lalu simpan
lalu Buatkan file blokir
nano /etc/squid3/blokir
(isikan dengan web yang akan di block)
lalu simpan
setelah itu
squid3 -z
setelah itu restart squid tersebut
/etc/init.d/squid3 restart
lalu buat nat di mikrotik
/ip firewall nat
add action=dst-nat chain=dstnat comment="Redirec to Ext. Proxy" dst-port=80 in-interface=ether2 (ether mikrotik yang terhubung ke client protocol=tcp src-address=!172.16.0.2 to-addresses=172.16.0.2 \
to-ports=3128
cek proxy
tail -f /var/log/squid3/access.log
administrator@ubuntu:~$ sudo su
[sudo] password for administrator:(masukan password )
root@ubuntu:/home/administrator# passwd root
Enter new UNIX password:(masukan password untuk root)
Retype new UNIX password:(masukan password untuk root harus sama dengan yang diatas)
buka winscp dari client
Host Name : isikan ip ubuntu (172.16.0.2)
user name : root
Password : 123456
klik login
Ganti repository adanya di /etc/apt/sources.list
klik etc
klik apt
klik sources list
hapus semua yang ada ganti dengan
deb http://kambing.ui.ac.id/ubuntu/ precise-proposed main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu/ precise-security main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu/ precise-updates main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu/ precise main restricted universe multiverse
buka putty
update ubuntu
apt-get update
install samba
apt-get install samba
buat direktory untuk samba
mkdir /data/sharing
Beri Hak Akses untuk direktory samba
chmod 777 /data/sharing
buat user samba
smbpasswd -a administrator
New SMB Password:123456
Retype SMB Password:123456
KONFIGURASI SAMBA
Buka /etc/samba/smb.conf
isikan data data berikut pada baris paling bawah
[sharing]
browseable = yes
writeable = yes
coment = yes
path = /data/sharing
share mode = yes
readonly = no
valid users = administrator
public = yes
create mode = 0777
directory mode = 0777
lalu simpan
setelah itu restart samba tersebut
/etc/init.d/smbd restart
untuk menguji samba di client (win 7)
buka run lalu masukan ip ubuntu
\\172.16.0.2
username : administrator
Password : 123456
install Proxy
apt-get install squid
Beri Hak Akses untuk partisi /proxy
chmod 777 /proxy
Beri Hak Akses user proxy untuk partisi /proxy
chown -R proxy.proxy /proxy
KONFIGURASI SQUID
Buka /etc/squid3/squid.conf
hapus semua yang ada ganti dengan
# WELCOME TO SQUID 3.1.19
# ----------------------------
# OPTIONS FOR AUTHENTICATION
# -----------------------------------------------------------------------------
# ACCESS CONTROLS
# -----------------------------------------------------------------------------
# Recommended minimum configuration:
#
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
#acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
#acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
#acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
#acl localnet src fc00::/7 # RFC 4193 local private network range
#acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
acl blokir url_regex "/etc/squid3/blokir"
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
#______________________________________________________
#LOCAL NET#
#______________________________________________________
acl localnet src 172.16.0.1 #(sesuaikan / GANTI dengan ip ether mikrotik yang terhubung ke ubuntu)
#Default:
# http_access deny all
http_access allow manager localhost
http_access deny manager
# Deny requests to certain unsafe ports
http_access deny !Safe_ports
# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports
#http_access allow localnet
http_access allow localhost
# And finally deny all other access to this proxy
http_access deny blokir
http_access allow localnet
http_access deny all
# NETWORK OPTIONS
# -----------------------------------------------------------------------------
# Squid normally listens to port 3128
http_port 3128 transparent
# SSL OPTIONS
# -----------------------------------------------------------------------------
# MEMORY CACHE OPTIONS
# -----------------------------------------------------------------------------
cache_mem 256 MB
maximum_object_size_in_memory 512 KB
memory_replacement_policy lru
# DISK CACHE OPTIONS
# -----------------------------------------------------------------------------
cache_replacement_policy lru
#cache_dir ufs /var/spool/squid3 100 16 256
cache_dir diskd /proxy 35000 16 256
# max_open_disk_fds 0
minimum_object_size 0 KB
maximum_object_size 4096 KB
cache_swap_low 90
cache_swap_high 95
# LOGFILE OPTIONS
# -----------------------------------------------------------------------------
#logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt
#logformat squidmime %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt [%>h] [%<h]
#logformat common %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st %Ss:%Sh
#logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
#Default:
# none
# access_log /var/log/squid3/access.log squid
#Default:
# access_log /var/log/squid3/access.log squid
# OPTIONS FOR FTP GATEWAYING
# -----------------------------------------------------------------------------
# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
# example lin deb packages
#refresh_pattern (\.deb|\.udeb)$ 129600 100% 129600
refresh_pattern . 0 20% 4320
# HTTP OPTIONS
# -----------------------------------------------------------------------------
# TIMEOUTS
# -----------------------------------------------------------------------------
# ADMINISTRATIVE PARAMETERS
# -----------------------------------------------------------------------------
cache_effective_user proxy
# OPTIONS FOR THE CACHE REGISTRATION SERVICE
# -----------------------------------------------------------------------------
visible_hostname http;//smkbinamandiri.net
cache_mgr (masukan alamat email)
# CACHE DIGEST OPTIONS
# -----------------------------------------------------------------------------
# ERROR PAGE OPTIONS
# -----------------------------------------------------------------------------
# error_log_languages on
# err_page_stylesheet /etc/squid3/errorpage.css
lalu simpan
lalu Buatkan file blokir
nano /etc/squid3/blokir
(isikan dengan web yang akan di block)
lalu simpan
setelah itu
squid3 -z
setelah itu restart squid tersebut
/etc/init.d/squid3 restart
lalu buat nat di mikrotik
/ip firewall nat
add action=dst-nat chain=dstnat comment="Redirec to Ext. Proxy" dst-port=80 in-interface=ether2 (ether mikrotik yang terhubung ke client protocol=tcp src-address=!172.16.0.2 to-addresses=172.16.0.2 \
to-ports=3128
cek proxy
tail -f /var/log/squid3/access.log
0 komentar:
Posting Komentar