Persiapan
- Laptop
- Memori minimal 1 GB
- Hard Disk minimal 20 GB
- Ubuntu server 10.04 dan BlankOn Pattimura
- VirtualBox
Instalasi
- Membuat dua mesin virtual menggunakan VirtualBox
- Mesin pertama menggunakan Ubuntu Server 10.04
- Mesin kedua menggunakan BlankOn Pattimura yang bertugas sebagai client
Konfigurasi Router dan Proxy
menggunakan squid3
- Mempersiapkan mesin pertama menjadi router proxy, kemudian login ke mesin pertama (Ubuntu Server 10.04)
- Mengatur kartu jaringan$ sudo vim /etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
post-up iptables-restore <
/etc/iptables.rules
auto eth1
iface eth1 inet static
address 192.168.0.1
netmask 255.255.255.0
network 192.168.0.0
- Menginstal ssh server$ sudo apt-get install ssh-server
- Meremot dengan menggunakan ssh dari terminal utama (laptop)$ ssh username@ipeth1 (di ubuntu server)
- Memasang Squid3$ sudo apt-get install squid3
- Mengedit konfigurasi squid3$ sudo mv /etc/squid3/squid.conf /etc/squid3/squid.conf.orig
$ sudo vim
/etc/squid3/squid.conf
http_port 3128 transparent
acl username src 192.168.0.0/24
acl localnet src
127.0.0.1/255.255.255.255
http_access allow username
http_access allow localnet
cache_dir ufs /var/spool/squid3 7000 16 256
- Menyalakan ulang squid3
$
sudo /etc/init.d/squid3 restart
- Membuat aturan iptables :
#!/bin/sh
# squid server IP
#iptables -t nat -A PREROUTING
-i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination
192.168.0.1:3128
#iptables -t nat -A PREROUTING
-i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
SQUID_SERVER="192.168.0.1"
# Interface connected to
Internet
INTERNET="eth0"
# Interface connected to LAN
LAN_IN="eth1"
# Squid port
SQUID_PORT="3128"
# DO NOT MODIFY BELOW
# Clean old firewall
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
# Load IPTABLES modules for NAT
and IP conntrack support
#modprobe ip_conntrack
#modprobe ip_conntrack_ftp
#echo 1 >
/proc/sys/net/ipv4/ip_forward
# Setting default filter policy
#iptables -P INPUT DROP
#iptables -P OUTPUT ACCEPT
# Unlimited access to loop back
iptables -A INPUT -i lo -j
ACCEPT
iptables -A OUTPUT -o lo -j
ACCEPT
# Allow UDP, DNS and Passive FTP
iptables -A INPUT -i $INTERNET
-m state --state ESTABLISHED,RELATED -j ACCEPT
# set this system as a router
for Rest of LAN
iptables --table nat --append
POSTROUTING --out-interface $INTERNET -j MASQUERADE
iptables --append FORWARD
--in-interface $LAN_IN -j ACCEPT
# unlimited access to LAN
iptables -A INPUT -i $LAN_IN -j
ACCEPT
iptables -A OUTPUT -o $LAN_IN -j
ACCEPT
# DNAT port 80 request comming
from LAN systems to squid 3128 ($SQUID_PORT) aka transparent proxy
iptables -t nat -A PREROUTING -i
$LAN_IN -p tcp --dport 80 -j DNAT --to $SQUID_SERVER:$SQUID_PORT
# if it is same system
iptables -t nat -A PREROUTING -i
$INTERNET -p tcp --dport 80 -j REDIRECT --to-port $SQUID_PORT
- Menyimpan pengaturan iptables yangg sudah dibuat$ sudo sh -c "iptables-save > /etc/iptables.rules"
- Mengaktifkan packet forwarding untuk IPv4 dan IPv6$ sudo vim /etc/sysctl.conf
Net.ipv4.ip_forward = 1
Net.ipv6.conf.all.forwarding = 1
- Menyalakan ulang Ubuntu servernya$ sudo reboot
Setelah proses diatas selesai maka
router proxy sudah siap beroperasi
Uji Komputer Client
1. Nyalakan mesin virtual kedua (BlankOn
Pattimura)
2. Mengatur IP di edit connection kemudian reconnect
3. Memasukkan IP DNS
$ sudo gedit /etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4
4. Mencoba browsing, jika berhasil maka routingnya berhasil.
thanks kakak,.
BalasHapussama-sama
BalasHapus